Hacking Swagger-UI - from XSS to account takeovers
We have reported more than 60 instances of this bug across a wide range of bug bounty programs including companies like Paypal, Atlassian, Microsoft, GitLab, Yahoo, ...
A group of curious bug bounty hunters and offensive security researchers exploring the world of web security.
Our goal is to produce valuable security research and help companies secure their web services. Our team members include experienced web developers, security engineers and researchers.
Security Researcher & Co-Founder
Security Researcher & Co-Founder
Security Researcher
We study web application libraries, tools and services to explore new security vulnerabilities and attack types. We scan thousands of hosts daily to detect similar patterns based on findings, report them to companies, and then produce well-researched, in-depth content to share knowledge with researchers and raise awareness.
We’re working on a new web application security scanner dedicated to modern web applications. Our goal is to create a tool with a lower false positive rate and more customization options, tailored specifically to every customer's needs. More information coming soon.
Our team submitted almost 100 security reports to several tech companies, including Facebook/Meta, Microsoft, Yahoo, Shopify and many more.
Our findings include original vulnerabilities, never published before. Based on our security research we create modules for the web application security scanner we are developing, to scan the infrastructure of 1300 companies for similar bugs. More information on the tool and its availability for our business partners is coming soon.
Subscribe to our newsletter to be the first to hear about our security research and the tool.