User:Albinowax

From OWASP

I'm Head of Research at PortSwigger Web Security, where I design and refine vulnerability detection techniques for Burp Suite's scanner. Recent work has focused on techniques to detect unknown classes of vulnerabilities, and exploiting subtle CORS misconfigurations in bitcoin exchanges. I have extensive experience cultivating novel attack techniques, including server-side RCE via Template Injection, client-side RCE via malicious formulas in CSV exports, and abusing the HTTP Host header to poison password reset emails and server-side caches. I have spoken at numerous prestigious venues including both BlackHat USA and EU, and OWASP AppSec USA and EU.