Bug Bounty

Shopify: Remote Code Execution · July 16, 2015 · Bug Bounty Remote Code Execution Shopify ·

HackerOne Vulnerability: Common Response Title Leak through Triggers · October 15, 2014 · Bug Bounty Elevation of Privilege HackerONe Insecure Direct Object Reference ·

Facebook FriendFeed Stored XSS · August 8, 2014 · Bug Bounty XSS Facebook API FriendFeed

Facebook MailChimp Application OAuth 2.0 Misconfiguration · August 8, 2014 · Bug Bounty Facebook OAuth MailChimp

PayPal CSRF aids in account takeover! · September 21, 2013 · Bug Bounty CSRF PayPal

Dropbox for Business Mailing List Unsubscribe Users (Permission Issue) · May 21, 2013 · Bug Bounty Dropbox Elevation of Privilege