I've been working hard on Google's Vulnerability Reward Program over the past few weeks, partly inspired by an enjoyable experience with Capture The Flag. After hinting at a VRP writeup release back in June, I'm excited to share a pair of XSS bugs on the Google Play platform (one of Google's Category Two "Highly Sensitive" web properties)…
Yasin Soliman
In between enjoying the sunny British weather over the weekend, I spent some time working on Google's CTF competition. Open to solo participants and teams alike, the qualification round of Google's second annual Capture The Flag featured a range of challenges involving disciplines like cryptography, reverse engineering, and web security.…
Yasin Soliman
Plotly is a powerful data analytics and visualisation platform. Founded in 2012, the firm offer a range of products, including a collaborative web interface, API libraries, the Plotly.js library, on-premises services and various software utlities. Plotly maintain a public bug bounty program in parallel with a private HackerOne program,…
Yasin Soliman