Paulos Yibelo | Official Blog

About Paulos

I write about application security and client-side offensive exploit research. I really enjoy breaking things and occasionally do bug bounties, with notable references such as Coinbase, Facebook, Twitter ...

Popular Posts

  • This man thought opening a TXT file is fine, he thought wrong. macOS CVE-2019-8761
  • Pre-auth RCE via XXE & SSRF on NetGear Stora, SeaGate Home, and Medion LifeCloud NAS
  • Exploiting PHP Upload forms with CVE-2015-2348
  • DoubleClickjacking: A New Era of UI Redressing
  • Cross Window Forgery: A New Class of Web Attack
  • ZTE ZXDSL 831 Router Exploits: Hacking and Rooting my internet neighbor
  • Why CSP Should be carefully crafted: Twitter XSS & CSP Bypass