feeds - Sam Curry

home | feeds |donate

Sam Curry

White hat hacker

hacking the world poker tour: inside clubwpt gold’s back office

hacking subaru: tracking and controlling cars via the starlink admin panel

hacking kia: remotely controlling cars with just a license plate

hacking millions of modems (and investigating who hacked my modem)

leaked secrets and unlimited miles: hacking the largest airline and hotel rewards platform

web hackers vs. the auto industry: critical vulnerabilities in ferrari, bmw, rolls royce, porsche, and more

exploiting web3's hidden attack surface: universal xss on netlify's next.js library

hacking chess.com and accessing 50 million customer records

we hacked apple for 3 months: here’s what we found

hacking starbucks and accessing nearly 100 million customer records

don't force yourself to become a bug bounty hunter

abusing http path normalization and cache poisoning to steal rocket league accounts

filling in the blanks: exploiting null byte buffer overflow for a $40,000 bounty

analysis of cve-2019-14994 - jira service desk path traversal leads to massive information disclosure

cracking my windshield and earning $10,000 on the tesla bug bounty program

reading asp secrets for $17,000

the $12,000 intersection between clickjacking, xss, and denial of service

hacking a massive steam scamming and phishing operation for fun and profit

exploiting directory traversal to view customer credit card information on yahoo's small business platform

how i gained access to chef, docker, aws, and mongodb instances in a single request

permanent account takeover on yahoo's small business platform

how i could've taken over the production server of a yahoo acquisition through command injection

eradicating image authentication injection from the entire internet

how i stole the identity of every yahoo user