
koto (@kkotowicz)
Followers: 9K · Following: 4K · Media: 81 · Statuses: 6K
Bio: security ninja wannabe Mastodon: @[email protected]
Joined August 2007
I'm happy to release a script gadgets wiki inspired by the work of @slekies, @kkotowicz, and @sirdarckcat in their Black Hat USA 2017 talk! 🔥 The goal is to provide quick access to gadgets that help bypass HTML sanitizers and CSPs 👇 https://t.co/SgsSyxoEMR 1/4
We're sending a HUGE thank you to our incredible community of bughunters ! 🙏 Your passion for finding vulnerabilities keeps our users safe 🔒 To show our appreciation, we awarded over $380,000 in bounties this week, including the largest reward ever given in Google VRP history!
What the bloody hell, to avoid putting it more bluntly.
What is going on here? PiS MP Andrzej Adamczyk, speaking about the Dragon Sector group, which exposed the manipulations with Newag's trains, talks about thieves and a home break-in. Then the PiS and PO MPs don't want to hear what Dragon Sector established and vote to adjourn the committee session. This
Do you want to learn more about the various Vulnerability Reward Programs offered by Google? Or you're looking for inspiration? Check the video below in which @kkotowicz and @SecurityMB talk about Google VRPs! https://t.co/RrVGOHM1TE
Pretty cool exploit chain with the redirects. The writeup is also excellent, and the "screenshots" being actually interactive? 🤯 Thanks a lot for the research, @rebane2001!
Love a good client-side exploit chain! This crazy cross-product chain targeting Google by @rebane2001 is a great example of the type of exploit that gets easier the longer you spend targeting a single company https://t.co/mxhH2N7teW
If anyone is following the NEWAG vs Dragon Sector case, this article (in PL, but, well, 2024, google translate) is a really good read about the actual lawsuit and the first day of trial. Second day of trial will be on Jan 15, so there's some time for sides to file more stuff.
[PL] A great article on the current state of the case, highly recommended :) (an analysis of the lawsuit against us and a bit of the first hearing) https://t.co/M5Em2b50Mj
XSS in Gmail is now $20k (or 50% more for exceptional quality report). Good thing we don't have XSSes anymore.... Or do we? :)
🚨💰 Google VRP Reward Update 💰🚨 Good news, we are significantly increasing the reward amounts offered by the Google VRP! Look out for up to 5x higher payouts and a maximum reward of $151,515! Details here: https://t.co/gYRql7IRST
It's finally happened! NEWAG IP Management just sued us for copyright infringement and unfair competition. Here's a symbolic picture of the lawsuit as a whole: Newag quoting q3k's own code as supposedly their IP :) More: https://t.co/8rS20yv06O
So NEWAG (context: https://t.co/PV0gaKc4nx) finally filed a lawsuit against members of @DragonSectorCTF / SPS. It took them a few months from when they said they'll do it, and apparently there were some snafus with addresses, but here we are. 1/n🧵
Remember the Newag case and the trains that could not be started because of modified software? 🚄 The case is developing, though in a surprising direction. Newag has sued the IT specialists from @DragonSectorCTF (@dsredford ) and the company SPS for copyright infringement 🍿
@LinkedIn says no to DOM XSS by enforcing Trusted Types! Congratulations to @shafigullin for this achievement 🎉
@kkotowicz It took us a while but jQuery 4.0.0 beta is out now:
Ever wondered how to increase your bug bounties 💸 ? Our latest blog post introduces our domain tiers security concept and how it is applied at Google, and includes a list of Google's highest sensitivity domains. https://t.co/6zy8qCYK42
bughunters.google.com
Do you want to know more about the concept of domain tiers, understand how they are applied at Google, and view a list of Google's highest sensitivity domains? Take a look at this blog post to find...
See how Google's security engineering team handles rollouts at scale, so we can safely enforce Strict CSP, Trusted Types and other security features on 100s of new services yearly. https://t.co/pMcX7UZRAg
bughunters.google.com
There are vastly more engineers at Google dedicated to creating and maintaining new products than there are security engineers working to secure products. For this reason, Google security has to...
Mozilla decides Trusted Types is a worthy security feature
theregister.com
DOM-XSS attacks have become scarce on Google websites since TT debuted
Mozilla has changed their standards position on Trusted Types to positive 🎉 2024 will be a bad year for DOM-based XSS. https://t.co/My2EgTnVUS
github.com
Specification Title: Trusted Types for DOM Manipulation Specification or proposal URL: https://github.com/WICG/trusted-types/blob/master/README.md It seems useful to figure out something here early...
A few deprecations shipped in Chrome 120. Data URLs in SVG <use> is now blocked. https://t.co/IuGEdL6C5A CSP Embedded Enforcement's implicit opt-in for same-origin iframes is gone. https://t.co/1kp0q62pmx
So I'm starting a Youtube Channel 😄 Join me today at 19:00 CEST (in other words: in three hours) when I'll talk about 10 highlights from my bug hunting career: https://t.co/LIyMt7je00
Mastodon has security fixes for an RCE and an XSS. Related to that, a bypass of the HTML sanitizer in the Ruby gem "sanitize" has also been fixed. https://t.co/ZlZ0tnvHBM
github.com
### Impact Using carefully crafted input, an attacker may be able to sneak arbitrary HTML and CSS through Sanitize `>= 3.0.0, < 6.0.2` when Sanitize is configured to use the built-in "...
Mastodon fixes critical “TootRoot” vulnerability allowing node hijacking https://t.co/Ya0QyEcBAQ