Daniel Thatcher

Here's part 1, detailing how I hacked my company's own product using DNS rebinding: https://t.co/cPAxwGU10O

Part 2 will be release on Wednesday, when I'm presenting the research at BHEU

A while ago I decided to try take on a big challenge and work out how to detect prototype pollution black-box. One thing I’m very happy with from this research is the simplicity of the solution I found

Why do I know so many Dan's in infosec? Is there something about the name Dan? I strongly advise being cautious of your data around anyone named Dan, until we work this out.

The technique isn’t new, but the vast majority of pentesters I’ve spoken to don’t know about it, so I thought it worth sharing with an example from a pentest. I’ve also created a tool to help you exploit this issue https://t.co/yb1KeowbUA

As a newbie pentester I read the RFC for GUIDs out of a fear that I wasn’t testing them correctly. A few years later, it paid off.

I was lucky enough to catch this talk at BH, and it was one of the highlights of the conference for me. Great research, and really well presented

@notdurson Dan is also a wonderful person. It was a lot of fun. Hopefully we see each other again next year

Heading off to Vegas for the first time. If you see me about, say hi. I’m the lanky blond British guy with round black glasses.

If you have stored self-XSS and login CSRF you can probably do something interesting, but you have to do slightly more than this tip says. Here's an example I put together against Moodle a few years ago: https://t.co/5j9PGAWm8d

This example works by using the self-XSS to set a session cookie with a limited path so that the self-XSS will still load when the victim logs back into their account. The self-XSS can then access the rest of the application as the victim, so is effectively regular XSS.