| 1156 |
How we got read access on Google’s production servers |
2014-04-11 |
| 409 |
Common Nginx misconfigurations that leave your web server open to attack |
2021-02-25 |
| 100 |
The pitfalls of allowing file uploads on your website |
2014-05-20 |
| 1008 |
LastPass autofill exploit |
2016-07-27 |
| 343 |
Hacking Slack using postMessage and WebSocket-reconnect to steal your token |
2017-03-01 |
| 334 |
How to Hack APIs in 2021 |
2021-08-10 |
| 295 |
How I hijacked the top-level domain of a sovereign state |
2021-01-15 |
| 240 |
I exploited TLS-SNI-01 issuing Let's Encrypt SSL-certs for any domain (2018) |
2019-01-28 |
| 169 |
Popular Google Chrome extensions are constantly tracking you by default |
2015-11-19 |