3 cookie related CVEs!!

Nov 01, 2020 in security - 3 mins to read (518 words)

Back in June my team and I found a vulnerability in the way multiple languages parse cookies which could allow a potential attacker to bypass cookie prefixes. (CVE-2020-8184, CVE-2020-7070, CVE-2020-1045)

Keylogging users via Slack themes

Nov 11, 2019 in security - 3 mins to read (533 words)

Back in August I found a vulnerability in Slack which allowed me to keylog slack input via custom themes.

Spoofing a Pebble appstore app

Nov 20, 2016 in security - 4 mins to read (729 words)

Last month Rob and I found a vulnerability in the Pebble app ecosystem which enabled us to spoof a Pebble appstore application. This was assigned CVE-2016-10702.

ASUS broken API authentication

Sep 05, 2016 in security - 6 mins to read (1k words)

About 3 months ago a component on my motherboard broke, so off I went to contact ASUS for an RMA only to find something completely unexpected…

page 1 of 1

3 cookie related CVEs!!

Keylogging users via Slack themes

Spoofing a Pebble appstore app

ASUS broken API authentication

Matt Langlois

Pebble Toronto presentation

Automating Letsencrypt with Nginx

Reflection: Guatemala mission trip

Simple custom Nginx error pages

Time for another round

The shocking keyboard mystery

Project Deadpool

ASUS broken API authentication

BSides Ottawa CTF - Second place!

Hack Western 3 & CTFort