Towards a general anti-automation and botting program

Despite what vendors will tell you, defending against malicious automation and ‘bots’ takes a multi-pronged approach.
Read more →

Weaponizing Apify for mass bug bounty $$$

This time we try that funny Akamai ARL business across 5,000,000+ targets, with help from Apify.
Read more →

Hacking naked Akamai ARL at scale

Trying to load arbitrary content via abandoned Akamai on 2,259 plus 1 bounty targets.
Read more →

Defeating Parler’s proprietary CAPTCHA

Before the now-infamous Parler social network’s disappearance, we assessed their ‘roll-your-own’ CAPTCHA.
Read more →

Goodreads - sex spam attack vector?

Goodreads is an Amazon-owned site to track and review books. Recently I got propositioned for sex there.
Read more →