EdOverflow

Web developer, security researcher, Senior Pentester at Cure53, sports scholar at University of Warwick, and author of security.txt (RFC 9116). I write about bug bounty, open source, and security—often intertwining the subjects. You can learn more about me and my work here.

Adding security headers to your SvelteKit application

Jan 27, 2023 #sveltekit #security #security engineering

Learn to build it, then break it

Jan 20, 2023 #bug bounty #security

GNU ed Ate My Homework

Apr 2, 2022 #unix #GNU #ed #C

Reading RFCs for bug bounty hunters

Mar 5, 2022 #RFC #IETF #bug bounty

What Bypassing Razer's DOM-based XSS Patch Can Teach Us

Feb 5, 2022 #xss #bug bounty #Razer #security engineering

security.txt adoption in Switzerland

Jan 18, 2022 #security.txt #Switzerland

The Story of the Million Dollar Bounty

Dec 31, 2020 #security #epic games

"CI Knew There Would Be Bugs Here" — Exploring Continuous Integration Services as a Bug Bounty Hunter

Apr 26, 2019 #ci #open source #bug bounty #security

The poor man's bug bounty monitoring setup

Jul 15, 2018 #bug bounty #GitHub

Automating your reconnaissance workflow with 'meg'

Apr 13, 2018 #meg #bug bounty