Wednesday, June 13, 2012

Killing a bounty program, Twice (HITB 2012 Slides) by Nir Goldshlager, Itzhak (Zuk)


Google Picnik File Inclusion (Shell on Google server), The Picnik is Over!


Google Affiliate Network, Hijack any user account by permission vulnerability,


XSS in

PoC Videos:

Google Books DOM XSS:

Google Calendar Stored XSS:

Google Analytics, Cool Stored XSS: 

Google Friend Connect Stored XSS: 

Google Knol, Access to private docs using Google Knol Translator Tool:

Google Feedburner Stored XSS:


To Be Continued ;) Enjoy....


Danijel said...

You guys are great, any suggestion for a book on web application security?
