Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

One of the best vuln write-ups I've read in a while, in that it steps you through how the initial entrypoint was found, and the steps needed to turn that into a dangerous exploit.

I think what really makes this writeup worth the read is the insight it shows into the thought process of identifying an interesting bug and weaponizing it. Thanks Frans!



Thanks a lot! I had a lot of fun doing it and I really wanted to get every step of the process out there, so that was some really nice feedback :)


That was a really cool read. It's pretty awesome to see Slack patch it and pay them so quickly, if only all companies could operate like that.


It is not the first one either. The Detectify team is top notch and I don't know how they and their product are not better known




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: