Yasin Soliman

Joe Challenge Writeup: taking part in Google CTF 2017

In between enjoying the sunny British weather over the weekend, I spent some time working on Google's CTF competition. Open to solo participants and teams alike, the qualification round of Google's second annual Capture The Flag featured a range of challenges involving disciplines like cryptography, reverse engineering, and web security.…

Yasin Soliman

A pair of Plotly bugs: Stored XSS and AWS Metadata SSRF

Plotly is a powerful data analytics and visualisation platform. Founded in 2012, the firm offer a range of products, including a collaborative web interface, API libraries, the Plotly.js library, on-premises services and various software utlities. Plotly maintain a public bug bounty program in parallel with a private HackerOne program,…

Yasin Soliman

Road to (unauthenticated) recovery: downloading GitHub SSO bypass codes

As a GitHub bounty hunter with previously resolved reports, this February I was invited to a pre-release of the organisation SAML single sign-on (SSO) feature for GitHub.com, which has since been deployed in production. A few hours after the invitation went live and I reached out to the GitHub team to get started, my testbed organisation…

Yasin Soliman

Yasin Soliman

Twitter

Joe Challenge Writeup: taking part in Google CTF 2017

A pair of Plotly bugs: Stored XSS and AWS Metadata SSRF

Road to (unauthenticated) recovery: downloading GitHub SSO bypass codes