Experimental offer for Rails apps: if we (http://sakurity.com ) don't find any severe bugs you get a 50% discount. Whitebox only! #RT
FYI, after my post on NoCaptcha clickjacking http://homakov.blogspot.com/2014/12/the-no-captcha-problem.html … the issue seems fixed. But pretty sure there's a bypass, no time to dig.
6 retweets 3 favorites

New Paypal gateway UI is a disaster http://homakov.blogspot.com/2014/12/new-paypal-gateway-ui-is-disaster.html …
19 retweets 15 favorites

Looked into top of criminal cities and Oakland surprises me. It's next to SF, innovations and lots of upscale jobs, why they don't use it?
I hate @isciurus for working in Facebook! My sales letters don't work anymore because he, damn it, fixes FB bugs!
Are there studies on how different people type and is it helpful for forensics? I'm playing with this now http://homakov.github.io/type.html
2 retweets 6 favorites

Github is offering me to check out with paypal but how can I believe my credentials to this shady popup? pic.twitter.com/Tm8LyKSGVV
1 retweet 10 favorites

http://andyadams.org/you-can-charge-more/ … Find your selling point. We find breaches, and I can easily justify our rates. Believe me it should be higher.
1 retweet 3 favorites

disappointed with @github "blocking" suicide.txt for Russian IPs. https://github.com/github/roskomnadzor …
http://securityintelligence.com/spoofedme-social-login-attack-discovered-by-ibm-x-force-researchers/ … unconfirmed emails is an interesting vector but only for LinkedIn login. Others aren't popular as identity providers.
3 retweets 6 favorites

Hey, "good guys" out there, can you help my bot plz? http://homakov.github.io/nocaptcha.html
6 retweets 9 favorites

The No CAPTCHA problem http://homakov.blogspot.com/2014/12/the-no-captcha-problem.html …
34 retweets 19 favorites

Doesn't recaptcha team get it? It's not about OCR, it's about using 3rd world labor to solve anything. It's futile. http://googleonlinesecurity.blogspot.com/2014/12/are-you-robot-introducing-no-captcha.html …
4 retweets 4 favorites

RTFM about CSRF protection, paypal?. One token valid for everyone: http://yasserali.com/hacking-paypal-accounts-with-one-click/ …
20 retweets 16 favorites

Finally the US has something to be proud of http://rt.com/usa/210895-usa-marijuana-smuggle-mexico/ …
7 retweets 5 favorites

Want to turn "5 login attempts" into 10 or 20+? Race conditions! Works pretty much everywhere including Devise (and is WONTFIX).
3 retweets 7 favorites

Hacking file uploaders with race condition http://homakov.blogspot.com/2014/11/hacking-file-uploaders-with-race.html …
90 retweets 99 favorites

Can we make a valid gif/png/jpg file which is also valid .htaccess?
6 retweets 9 favorites