Hacker News
- Bitstamp problem and warm wallets http://homakov.blogspot.com/2015/01/bitstamp-problem-and-warm-wallets.html 20 comments
- CSRF in Doorkeeper OAuth2 gem http://homakov.blogspot.com/2014/12/blatant-csrf-in-doorkeeper-most-popular.html 79 comments
- New Paypal gateway UI susceptible to spoofing http://homakov.blogspot.com/2014/12/new-paypal-gateway-ui-is-disaster.html 51 comments
- Timing attack, 6.66% faster http://homakov.blogspot.com/2014/07/timing-attack-666-faster.html 19 comments
- How I hacked Github again http://homakov.blogspot.com/2014/02/how-i-hacked-github-again.html 190 comments
- Account hijacking on MtGox http://homakov.blogspot.com/2014/01/account-hijacking-on-mtgox.html 37 comments
- Cookie Bomb or Let's Break the Internet http://homakov.blogspot.com/2014/01/cookie-bomb-or-lets-break-internet.html 75 comments
- Token Fixation in Paypal http://homakov.blogspot.com/2014/01/token-fixation-in-paypal.html 15 comments
- How to send DMs on Twitter without permission https://homakov.blogspot.com/2013/12/how-to-send-dm-on-twitter-wo-permission.html 56 comments
- RJS leaking vulnerability in multiple Rails applications http://homakov.blogspot.com/2013/11/rjs-leaking-vulnerability-in-multiple.html 67 comments
- Googleusercontent.com fun http://homakov.blogspot.com.es/2013/07/googleusercontentcom-fun-or-snowden-is.html 39 comments
- Camjacking: Click and say Cheese http://homakov.blogspot.com/2013/06/camjacking-click-and-say-cheese.html 3 comments
- Achilles Heel of OAuth or Why Facebook Adds #_=_ http://homakov.blogspot.com/2013/03/redirecturi-is-achilles-heel-of-oauth.html?m=1 33 comments
- Hacking Github with Webkit http://homakov.blogspot.com/2013/03/hacking-github-with-webkit.html 78 comments
- OAuth1, OAuth2, OAuth... ? http://homakov.blogspot.com/2013/03/oauth1-oauth2-oauth.html 3 comments
- I Can Detect Your Facebook Username, Using W3C Standard http://homakov.blogspot.com/2013/02/url-detection-with-hash-history-i-know.html 57 comments
- How we hacked Facebook with OAuth2 and Chrome bugs http://homakov.blogspot.com/2013/02/hacking-facebook-with-oauth2-and-chrome.html 49 comments
- Cross Origin Madness http://homakov.blogspot.com/2013/02/cross-origin-madness-or-your-frames-are.html 14 comments
- How To Cheat On Facebook Apps Permissions http://homakov.blogspot.com/2012/08/how-to-cheat-on-facebook-apps.html 32 comments
- OAuth2.a or Let's Just Fix It http://homakov.blogspot.com/2012/08/saferweb-oauth2a-or-lets-just-fix-it.html 15 comments
- Whitelist Your Routes, "match" is Evil http://homakov.blogspot.com/2012/04/whitelist-your-routes-match-is-evil.html 45 comments
- #1 CSRF Is A Vulnerability In All Browsers http://homakov.blogspot.com/2012/03/1-csrf-is-vulnerability-in-all-browsers.html 238 comments
- "Egor, stop hacking Github" http://homakov.blogspot.com/2012/03/egor-stop-hacking-gh.html 111 comments
Lobsters
- How I hacked Github again http://homakov.blogspot.com/2014/02/how-i-hacked-github-again.html 9 comments security, web
- Cookie Bomb or let's break the Internet. http://homakov.blogspot.com/2014/01/cookie-bomb-or-lets-break-internet.html?m=1 4 comments browsers, web
- Hacking file uploaders with race condition http://homakov.blogspot.com/2014/11/hacking-file-uploaders-with-race.html 11 comments netsec
- Egor Homakov: How I hacked Github again. http://homakov.blogspot.com/2014/02/how-i-hacked-github-again.html 100 comments programming
- How i hacked github... Again http://homakov.blogspot.com/2014/02/how-i-hacked-github-again.html?m=1 56 comments netsec
- How to send DM on Twitter w/o permission http://homakov.blogspot.com/2013/12/how-to-send-dm-on-twitter-wo-permission.html 69 comments netsec
- RJS leaking vulnerability in multiple Rails applications http://homakov.blogspot.com/2013/11/rjs-leaking-vulnerability-in-multiple.html 4 comments netsec
- The blog of clever website exploits http://homakov.blogspot.com/ 20 comments webdev
- OAuth1, OAuth2, OAuth...? http://homakov.blogspot.com/2013/03/oauth1-oauth2-oauth.html 20 comments netsec
- Pagebox — Website Gatekeeper http://homakov.blogspot.com/2013/02/pagebox-website-gatekeeper.html 12 comments netsec
- How we hacked Facebook with OAuth2 and Chrome bugs http://homakov.blogspot.com/2013/02/hacking-facebook-with-oauth2-and-chrome.html 95 comments programming
- How we hacked Facebook with OAuth2 and Chrome bugs http://homakov.blogspot.com/2013/02/hacking-facebook-with-oauth2-and-chrome.html 21 comments netsec
- Rails is [Fr]agile. Vulnerabilities Will Keep Coming. http://homakov.blogspot.com/2013/01/rails-is-fragile-vulnerabilities-will.html 20 comments netsec
- SaferWeb: The Most Common OAuth2 Vulnerability http://homakov.blogspot.com/2012/07/saferweb-most-common-oauth2.html 8 comments programming
- "Hacking" Popular Sites (TL;DR: CSRF Is A Huge Deal) http://homakov.blogspot.com/2012/03/hacking-skrillformer-moneybookers.html 3 comments webdev
- Egor Homakov: #1 CSRF Is A Vulnerability In All Browsers - You MUST Deny It ASAP. http://homakov.blogspot.com/2012/03/1-csrf-is-vulnerability-in-all-browsers.html 11 comments netsec
- How github was compromised http://homakov.blogspot.com/2012/03/how-to.html 2 comments netsec