Hacking naked Akamai ARL at scale
Trying to load arbitrary content via abandoned Akamai on 2,259 plus 1 bounty targets.
Defeating Parler’s proprietary CAPTCHA
Before the now-infamous Parler social network’s disappearance, we assessed their ‘roll-your-own’ CAPTCHA.
Goodreads - sex spam attack vector?
Goodreads is an Amazon-owned site to track and review books. Recently I got propositioned for sex there.
Hacking a Gmail account with the owner’s gym habits
Researching Amenity Pass bots, I found someone had already written one… with major problems.
How to identify in-client bot detection
Walking through how to clock 4 in-client bot detectors like Google reCAPTCHA and Akamai Bot Management SDK.