>
hello
About
Blog
Testimonials
cookies
2022
Existence oracle for Secure cookies on insecure Web origins
Sep 12
Scraping the bottom of the CORS barrel (part 1)
Aug 4
CVE-2022-21703: cross-origin request forgery against Grafana
Feb 8
2021
Abusing Slack's file-sharing functionality to de-anonymise fellow workspace members
Oct 12
Subdomain takeover: ignore this vulnerability at your peril
Feb 12
The great SameSite confusion
Jan 29