Heykuki News
Top
New
Best
Ask
Show
Jobs
1.
▲
PSA: The Rails SQL injection vuln. is more dangerous than previously indicated
6 points
espes
13 years ago
discuss
2.
▲
Better control of HN possible?
2 points
lbcadden3
14 years ago
discuss
3.
▲
Researcher discloses security bug because Twitter doesn't reward bounty hunters
1 point
aatteka
12 years ago
discuss
4.
▲
How I hacked Github again
(homakov.blogspot.com)
911 points
zhuzhuor
12 years ago
190 comments
5.
▲
"Egor, stop hacking Github"
(homakov.blogspot.com)
446 points
llambda
14 years ago
111 comments
6.
▲
Cookie Bomb or Let's Break the Internet
(homakov.blogspot.com)
362 points
paulmillr
12 years ago
75 comments
7.
▲
How github was hacked
(homakov.blogspot.com)
348 points
bluemoon
14 years ago
71 comments
8.
▲
Did GitHub Suspend Egor Homakov account?
(homakov.blogspot.com)
329 points
VuongN
14 years ago
120 comments
9.
▲
Hacking Github with Webkit
(homakov.blogspot.com)
301 points
homakov
13 years ago
78 comments
10.
▲
How we hacked Facebook with OAuth2 and Chrome bugs
(homakov.blogspot.com)
299 points
maccman
13 years ago
49 comments
11.
▲
CSRF in Doorkeeper OAuth2 gem
(homakov.blogspot.com)
249 points
homakov
11 years ago
79 comments
12.
▲
The No CAPTCHA problem
(homakov.blogspot.com)
215 points
homakov
12 years ago
96 comments
13.
▲
Two "WontFix" vulnerabilities in Facebook Connect
(homakov.blogspot.com)
188 points
homakov
12 years ago
35 comments
14.
▲
#1 CSRF Is A Vulnerability In All Browsers
(homakov.blogspot.com)
183 points
homakov
14 years ago
238 comments
15.
▲
How to send DMs on Twitter without permission
(homakov.blogspot.com)
167 points
brodd
12 years ago
56 comments
16.
▲
RJS leaking vulnerability in multiple Rails applications
(homakov.blogspot.com)
145 points
homakov
13 years ago
67 comments
17.
▲
OAuth1, OAuth2, OAuth..? (2013)
(homakov.blogspot.com)
139 points
neverminder
11 years ago
45 comments
18.
▲
New Paypal gateway UI susceptible to spoofing
(homakov.blogspot.com)
120 points
dsr12
12 years ago
51 comments
19.
▲
Account hijacking on MtGox
(homakov.blogspot.com)
117 points
homakov
12 years ago
37 comments
20.
▲
Achilles Heel of OAuth or Why Facebook Adds #_=_
(homakov.blogspot.com)
113 points
homakov
13 years ago
33 comments
21.
▲
I Can Detect Your Facebook Username, Using W3C Standard
(homakov.blogspot.com)
96 points
homakov
13 years ago
57 comments
22.
▲
How To Cheat On Facebook Apps Permissions
(homakov.blogspot.com)
96 points
homakov
14 years ago
32 comments
23.
▲
Token Fixation in Paypal
(homakov.blogspot.com)
84 points
johnterry_cfc
12 years ago
15 comments
24.
▲
Whitelist Your Routes, "match" is Evil
(homakov.blogspot.com)
76 points
homakov
14 years ago
45 comments
25.
▲
Googleusercontent.com fun
(homakov.blogspot.com.es)
64 points
homakov
13 years ago
39 comments
26.
▲
HTML5 Sandbox - a bad idea
(homakov.blogspot.com)
63 points
homakov
13 years ago
46 comments
27.
▲
Cross Origin Madness
(homakov.blogspot.com)
54 points
homakov
13 years ago
14 comments
28.
▲
Timing attack, 6.66% faster
(homakov.blogspot.com)
53 points
jessaustin
12 years ago
19 comments
29.
▲
Bitstamp problem and warm wallets
(homakov.blogspot.com)
42 points
homakov
11 years ago
20 comments
30.
▲
OAuth2.a or Let's Just Fix It
(homakov.blogspot.com)
37 points
homakov
14 years ago
15 comments