Your WAF alone, is not enough, not enough, not enough

Posted on Παρ 27 Μάιος 2016 in research • Tagged with XSSLeave a comment

Reflected and Stored XSS in multiple careerbuilder sites

Continue reading

The road to hell is paved with SAML Assertions

Posted on Τετ 27 Απρίλιος 2016 in bounty • Tagged with SAML, office 365, impersonation, Single-Sign-OnLeave a comment

Cross Domain Authentication Bypass in Office 365

Continue reading