Articles tagged with "Bug Bounty" (2)
2016-07-21
Exploiting weak Content Security Policy (CSP) rules for fun and profit
This article is based on my findings during a bug bounty. I was looking for any input bugs which could trigger a XSS but didn’t find any until I tested the file upload functionality. Users had the option to drag&drop images into the …
2016-04-04
Using Amazon S3 for your static site? One thing to keep in mind
Amazon is a great service for hosting your static website. The way it works is by creating a S3 bucket with the name of your website, uploading your files to the bucket and changing the permissions so that the bucket can be read by the internet. So long as …