1156 |
How we got read access on Google’s production servers |
2014-04-11 |
409 |
Common Nginx misconfigurations that leave your web server open to attack |
2021-02-25 |
100 |
The pitfalls of allowing file uploads on your website |
2014-05-20 |
1008 |
LastPass autofill exploit |
2016-07-27 |
343 |
Hacking Slack using postMessage and WebSocket-reconnect to steal your token |
2017-03-01 |
334 |
How to Hack APIs in 2021 |
2021-08-10 |
295 |
How I hijacked the top-level domain of a sovereign state |
2021-01-15 |
240 |
I exploited TLS-SNI-01 issuing Let's Encrypt SSL-certs for any domain (2018) |
2019-01-28 |
169 |
Popular Google Chrome extensions are constantly tracking you by default |
2015-11-19 |