| Practical Web Cache Poisoning: Redefining 'Unexploitable' |
Black Hat USA 2018
|
| Cracking the Lens: Targeting HTTP's Hidden Attack-Surface |
Black Hat USA 2017
|
| Backslash Powered Scanning: Hunting Unknown Vulnerability Classes |
Black Hat Europe 2016
|
| Hunting Asynchronous Vulnerabilities |
44CON LONDON 2015
|
| Server-Side Template Injection: RCE for the Modern Web App |
Black Hat USA 2015
|