Pinnedd0nutEliminating Authorization Vulnerabilities with DacquiriDacquiri identifies and eliminates authorization vulnerabilities by turning them into compiler errors.6 min read·Jan 29, 2022----
d0nutind0nut readsWeek 3 — Real Talk on Real Number SystemsIn continuation of the philosophical and foundational nature of the book thus far, Chapter 3 opens with a discussion on kinds of numbers…3 min read·Jun 10, 2020----
d0nutind0nut readsWeek 1: The Road to RealityI love watching educational Youtube channels. It’s a great way to constantly expose myself to science and technology as I’ve always been…6 min read·May 27, 2020----
d0nutPiercing the Veal: Short Stories to Read with FriendsIt’s been over a year and a half since I’ve started my bug bounty journey as a hacker. With years of experience triaging reports and…16 min read·Apr 27, 2020--4--4
d0nutAttacks on Applications of K-Anonymity — For the Rest of UsThree weeks ago I saw a blog post by fellow bug hunter, Jack Cable. The post both inspired and challenged me. The attack vector presented…9 min read·Aug 20, 2019----
d0nutBetter Exfiltration via HTML InjectionThis is a story about how I (re)discovered an exploitation technique and took a bug with fairly limited impact to a 5 digit bounty by…7 min read·Apr 11, 2019--4--4
d0nut5 Tips Bug Bounty Programs *Want* You to Know AboutIf you’re not aware, I joined Dropbox’s security team last September. Since then, I’ve become very involved in the bug bounty community on…7 min read·Sep 25, 2018----
d0nutinInfoSec Write-upsExfiltration via CSS InjectionToday’s topic is something that’s already pretty well covered: CSS injections. I wanted to talk about my experience implementing this…4 min read·Jul 25, 2018--2--2