Tag: Web [10]

- Resolving Undocumented AWS Codebuild Errors and Discussing CI/CD GitHub Integration Security (Jun 17, 2025)
  Resolving an undocumented AWS Codebuild error and describing GitHub App integration security considerations.
- [$15,000 Bounty] M365 Phish: Power Platform Privilege Escalation and Pivoting (Feb 29, 2024)
  Exploring the M365 Power Platform as a means of privilege escalation and exercising control over a phishing victim's SharePoint, OneDrive, Outlook, and Microsoft Teams data.
- [$1250 - High Severity] Bypassing Browser Extensions' Geolocation Spoofing with a Malicious Website (Location Guard & ExpressVPN) (Aug 28, 2023)
  Bypassing the spoofed-geolocation feature in browser extensions to disclose the physical location of a user. I share two high severity bugs. Bug 1 is a generic payload that works across multiple extensions, and bug 2 is an ExpressVPN-specific payload that has been patched. This post is a case study with the Location Guard & ExpressVPN extensions, my bug bounty experience, and a few takeaways that may prove insightful for others.
- Optimizing Multi-Destination Routes with Google Maps and a Chrome Extension (Nov 07, 2022)
  Finding the best route between multiple destinations in Google Maps or other tools can be frustrating. I have created a bespoke Chromium browser extension to help calculate a relatively optimal multi-destination travel route. Usage: install the extension, navigate to https://maps.google.com, and use the tool.
- M365 Internal Phish: Abusing the Power Platform for SharePoint/OneDrive Privilege Escalation (May 13, 2022)
  An internal phishing POC leveraging Microsoft 365 citizen development tools (Power Platform). Phish for access to a target user's OneDrive and all SharePoint sites they own.
- Download and Sort HackerOne Hacktivity Reports Using GraphQL Introspection (Jan 12, 2022)
  HackerOne Hacktivity reports can have very useful (and interesting) content for learning how to test real systems for vulnerabilities. Unfortunately, it is impossible to sort on interesting fields such as severity and bounty from within the Hacktivity web UI. The goal of this post is to demonstrate a means of filtering and sorting HackerOne reports in an attempt to find writeups with valuable techniques, methodologies, strategies, or other interesting information.
- My First WordPress Site: olgastherapy.com (Jan 04, 2022)
  Configuring WordPress and email for a small business by leveraging an Always Free Oracle Cloud VPS, Google Workspace, and an assortment of free/trial tooling.
- Debugging a Race Condition Between Microsoft Edge and SharePoint (Nov 23, 2021)
  A random redirect when opening Edge leads to an investigation that uncovers some interesting behavior between Edge and SharePoint.
- Scanning and Hooking Dynamic, Client-Side Data in Modern Web Applications (Nov 22, 2021)
  Scanning the DOM for interesting data and hooking getters/setters, with a POC demonstrated on a PowerApps example.
- Finding Vulnerabilities in an 18 Year Old MMO (Nov 12, 2021)
  Finding and abusing a size-constrained XSS and a payment gateway bypass in an 18 year old MMO.