Flash-based XSS Mayhem: Most Security Solution Vendors Vulnerable · June 7, 2013 · XSS Flash

Dropbox for Business Mailing List Unsubscribe Users (Permission Issue) · May 22, 2013 · Dropbox Elevation of Privilege

Dropbox Team Website Open Redirection · May 17, 2013 · Open Redirect Dropbox

Google Website Translator (Add Editor) CSRF and Google Tasks Clickjacking · May 5, 2013 · Clickjacking Google VRP CSRF

File Upload Bug in PayPal's BillMeLater · March 13, 2013 · PayPal File Upload Vulnerability BillMeLater

Facebook Whitehat Vulnerability for 2013: Open Redirection in Facebook Mobile · February 22, 2013 · Open Redirect Facebook

Blind SQL Injection in PayPal Notifications · January 30, 2013 · SQL Injection PayPal

Twitter Whitehat Vulnerability for 2012: Translation Center CSRF/XSRF · October 19, 2012 · Twitter CSRF

Adobe Website XSS and Open Redirect Vulnerabilities · October 13, 2012 · Adobe XSS Open Redirect

Google Website Translator Clickjacking Vulnerability · August 16, 2012 · Clickjacking Google VRP

Introduction to SQL Injection and Exploitation (MySQL 5 error based) · July 24, 2012 · SQL Injection Tutorial MySQL

IBIBO Clickjacking Vulnerability · June 21, 2012 · Clickjacking

Facebook Porn Scam Attack: The Complete Story · December 22, 2011 · Facebook Scam

Windows password cracking using John The Ripper · October 2, 2011 · Windows John The Ripper Password Cracking

CRLF Injection / HTTP Response Splitting Explained · August 25, 2011 · HTTP Response Splitting Browser CRLF Injection