| | Evolution of Open Redirect Vulnerability (homakov.blogspot.com) |
| 3 points by dsr12 on Jan 24, 2015 | past |
|
| | OAuth1, OAuth2, OAuth..? (2013) (homakov.blogspot.com) |
| 139 points by neverminder on Jan 23, 2015 | past | 45 comments |
|
| | Bitstamp problem and warm wallets (homakov.blogspot.com) |
| 42 points by homakov on Jan 7, 2015 | past | 20 comments |
|
| | CSRF in Doorkeeper OAuth2 gem (homakov.blogspot.com) |
| 249 points by homakov on Dec 17, 2014 | past | 79 comments |
|
| | New Paypal gateway UI is a disaster (homakov.blogspot.com) |
| 4 points by butwhy on Dec 7, 2014 | past |
|
| | New Paypal gateway UI susceptible to spoofing (homakov.blogspot.com) |
| 120 points by dsr12 on Dec 7, 2014 | past | 51 comments |
|
| | New Paypal gateway UI is a disaster (homakov.blogspot.com) |
| 4 points by homakov on Dec 7, 2014 | past |
|
| | The No CAPTCHA problem (homakov.blogspot.com) |
| 1 point by drinchev on Dec 4, 2014 | past |
|
| | The No CAPTCHA problem (homakov.blogspot.com) |
| 215 points by homakov on Dec 4, 2014 | past | 96 comments |
|
| | Remote code execution on Apache+Rails stack by exploiting Paperclip (homakov.blogspot.com) |
| 3 points by dsr12 on Nov 30, 2014 | past |
|
| | Hacking file uploaders with race condition (homakov.blogspot.com) |
| 17 points by butwhy on Nov 30, 2014 | past |
|
| | Hacking file uploaders with race condition (homakov.blogspot.com) |
| 5 points by homakov on Nov 30, 2014 | past |
|
| | Bypassing ClearClick and X-Frame-Options:Visible (homakov.blogspot.com) |
| 1 point by homakov on Sept 2, 2014 | past |
|
| | Timing attack, 6.66% faster (homakov.blogspot.com) |
| 53 points by jessaustin on July 22, 2014 | past | 19 comments |
|
| | Whitelist Your Routes, "match" is Evil (2012) (homakov.blogspot.com) |
| 1 point by CoffeeOnWrite on May 6, 2014 | past |
|
| | Covert Redirect FAQ (homakov.blogspot.com) |
| 12 points by homakov on May 2, 2014 | past |
|
| | Paperclip vulnerability leading to XSS or RCE (homakov.blogspot.com) |
| 2 points by homakov on Feb 8, 2014 | past |
|
| | Paperclip vulnerability leading to XSS or RCE (homakov.blogspot.com) |
| 4 points by homakov on Feb 8, 2014 | past | 1 comment |
|
| | How I hacked Github again (homakov.blogspot.com) |
| 911 points by zhuzhuor on Feb 7, 2014 | past | 190 comments |
|
| | Speed up your CORS API (homakov.blogspot.com) |
| 3 points by homakov on Jan 29, 2014 | past |
|
| | Turbo API: How to use CORS without Preflights (homakov.blogspot.com) |
| 5 points by homakov on Jan 29, 2014 | past |
|
| | Two "WontFix" vulnerabilities in Facebook Connect (homakov.blogspot.com) |
| 188 points by homakov on Jan 27, 2014 | past | 35 comments |
|
| | Two severe "WontFix" vulnerabilities in Facebook Connect (homakov.blogspot.com) |
| 4 points by jessaustin on Jan 27, 2014 | past |
|
| | Two severe "WontFix" vulnerabilities in Facebook Connect (homakov.blogspot.com) |
| 11 points by homakov on Jan 27, 2014 | past |
|
| | Header injection in Sinatra/Rack (homakov.blogspot.com) |
| 5 points by homakov on Jan 19, 2014 | past |
|
| | Why you're likely vulnerable to open redirect. (homakov.blogspot.com) |
| 3 points by homakov on Jan 18, 2014 | past |
|
| | Using Content-Security-Policy for Evil (homakov.blogspot.com) |
| 4 points by homakov on Jan 18, 2014 | past |
|
| | Account hijacking on MtGox (homakov.blogspot.com) |
| 117 points by homakov on Jan 18, 2014 | past | 37 comments |
|
| | Cookie Bomb or Let's Break the Internet (homakov.blogspot.com) |
| 362 points by paulmillr on Jan 18, 2014 | past | 75 comments |
|
| | Account hijacking on MtGox (homakov.blogspot.com) |
| 4 points by paulmillr on Jan 14, 2014 | past |