This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "User:Albinowax"

m (Creating user page for new user.)
 
m
 
Line 1: Line 1:
I'm Head of Research at PortSwigger Web Security, where I designs and refines vulnerability detection techniques for Burp Suite's scanner. Recent work has focused on techniques to detect unknown classes of vulnerabilities, and exploiting subtle CORS misconfigurations in bitcoin exchanges. I have extensive experience cultivating novel attack techniques, including server-side RCE via Template Injection, client-side RCE via malicious formulas in CSV exports, and abusing the HTTP Host header to poison password reset emails and server-side caches. I have spoken at numerous prestigious venues including both BlackHat USA and EU, and OWASP AppSec USA and EU.
+
I'm Head of Research at PortSwigger Web Security, where I design and refines vulnerability detection techniques for Burp Suite's scanner. Recent work has focused on techniques to detect unknown classes of vulnerabilities, and exploiting subtle CORS misconfigurations in bitcoin exchanges. I have extensive experience cultivating novel attack techniques, including server-side RCE via Template Injection, client-side RCE via malicious formulas in CSV exports, and abusing the HTTP Host header to poison password reset emails and server-side caches. I have spoken at numerous prestigious venues including both BlackHat USA and EU, and OWASP AppSec USA and EU.
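Review bot: the revised first sentence still reads "I design and refines", because the change corrects "designs" to "design" but leaves the second verb untouched. Change "refines" to "refine" so both verbs agree with "I".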

Latest revision as of 15:39, 27 October 2017

I'm Head of Research at PortSwigger Web Security, where I design and refine vulnerability detection techniques for Burp Suite's scanner. Recent work has focused on techniques to detect unknown classes of vulnerabilities, and exploiting subtle CORS misconfigurations in bitcoin exchanges. I have extensive experience cultivating novel attack techniques, including server-side RCE via Template Injection, client-side RCE via malicious formulas in CSV exports, and abusing the HTTP Host header to poison password reset emails and server-side caches. I have spoken at numerous prestigious venues including both BlackHat USA and EU, and OWASP AppSec USA and EU.