| | Evolution of Open Redirect Vulnerability (homakov.blogspot.com) |
|
3 points by dsr12 on Jan 24, 2015 | past
|
| | OAuth1, OAuth2, OAuth..? (2013) (homakov.blogspot.com) |
|
139 points by neverminder on Jan 23, 2015 | past | 45 comments
|
| | Bitstamp problem and warm wallets (homakov.blogspot.com) |
|
42 points by homakov on Jan 7, 2015 | past | 20 comments
|
| | CSRF in Doorkeeper OAuth2 gem (homakov.blogspot.com) |
|
249 points by homakov on Dec 17, 2014 | past | 79 comments
|
| | New Paypal gateway UI is a disaster (homakov.blogspot.com) |
|
4 points by butwhy on Dec 7, 2014 | past
|
| | New Paypal gateway UI susceptible to spoofing (homakov.blogspot.com) |
|
120 points by dsr12 on Dec 7, 2014 | past | 51 comments
|
| | New Paypal gateway UI is a disaster (homakov.blogspot.com) |
|
4 points by homakov on Dec 7, 2014 | past
|
| | The No CAPTCHA problem (homakov.blogspot.com) |
|
1 point by drinchev on Dec 4, 2014 | past
|
| | The No CAPTCHA problem (homakov.blogspot.com) |
|
215 points by homakov on Dec 4, 2014 | past | 96 comments
|
| | Remote code execution on Apache+Rails stack by exploiting Paperclip (homakov.blogspot.com) |
|
3 points by dsr12 on Nov 30, 2014 | past
|
| | Hacking file uploaders with race condition (homakov.blogspot.com) |
|
17 points by butwhy on Nov 30, 2014 | past
|
| | Hacking file uploaders with race condition (homakov.blogspot.com) |
|
5 points by homakov on Nov 30, 2014 | past
|
| | Bypassing ClearClick and X-Frame-Options:Visible (homakov.blogspot.com) |
|
1 point by homakov on Sept 2, 2014 | past
|
| | Timing attack, 6.66% faster (homakov.blogspot.com) |
|
53 points by jessaustin on July 22, 2014 | past | 19 comments
|
| | Whitelist Your Routes, "match" is Evil (2012) (homakov.blogspot.com) |
|
1 point by CoffeeOnWrite on May 6, 2014 | past
|
| | Covert Redirect FAQ (homakov.blogspot.com) |
|
12 points by homakov on May 2, 2014 | past
|
| | Paperclip vulnerability leading to XSS or RCE (homakov.blogspot.com) |
|
2 points by homakov on Feb 8, 2014 | past
|
| | Paperclip vulnerability leading to XSS or RCE (homakov.blogspot.com) |
|
4 points by homakov on Feb 8, 2014 | past | 1 comment
|
| | How I hacked Github again (homakov.blogspot.com) |
|
911 points by zhuzhuor on Feb 7, 2014 | past | 190 comments
|
| | Speed up your CORS API (homakov.blogspot.com) |
|
3 points by homakov on Jan 29, 2014 | past
|
| | Turbo API: How to use CORS without Preflights (homakov.blogspot.com) |
|
5 points by homakov on Jan 29, 2014 | past
|
| | Two "WontFix" vulnerabilities in Facebook Connect (homakov.blogspot.com) |
|
188 points by homakov on Jan 27, 2014 | past | 35 comments
|
| | Two severe "WontFix" vulnerabilities in Facebook Connect (homakov.blogspot.com) |
|
4 points by jessaustin on Jan 27, 2014 | past
|
| | Two severe "WontFix" vulnerabilities in Facebook Connect (homakov.blogspot.com) |
|
11 points by homakov on Jan 27, 2014 | past
|
| | Header injection in Sinatra/Rack (homakov.blogspot.com) |
|
5 points by homakov on Jan 19, 2014 | past
|
| | Why you're likely vulnerable to open redirect. (homakov.blogspot.com) |
|
3 points by homakov on Jan 18, 2014 | past
|
| | Using Content-Security-Policy for Evil (homakov.blogspot.com) |
|
4 points by homakov on Jan 18, 2014 | past
|
| | Account hijacking on MtGox (homakov.blogspot.com) |
|
117 points by homakov on Jan 18, 2014 | past | 37 comments
|
| | Cookie Bomb or Let's Break the Internet (homakov.blogspot.com) |
|
362 points by paulmillr on Jan 18, 2014 | past | 75 comments
|
| | Account hijacking on MtGox (homakov.blogspot.com) |
|
4 points by paulmillr on Jan 14, 2014 | past
|