I am always on the lookout for new research areas particularly in web, supply-chain, and open-source security. If you have a research proposal and would be interested in inviting me to collaborate, do not hesitate to get in touch via email. I am especially interested in collaborating with academics in the field of cyber security. Please note: I have a priority queue of research proposals and therefore may not be able to respond to every collaboration request.

In addition, I welcome bug bounty and live-hacking event invites. I usually go by “EdOverflow” on most popular bug bounty platforms.

Others who have collaborated with me in the past have the following to say about my work.

“We applaud the researcher [Ed] for thinking about our product specifically, not just applying a generic checklist.”

Max Krohn, Co-founder of Keybase, OkCupid, SparkNotes, TheSpark on a series of security flaws I uncovered in Keybase

“[Ed] rocks! THANK YOU for all you did for Gratipay!”

Chad Whitacre, Co-founder of Gratipay on my contributions to Gratipay’s security and bug bounty programme

“Ed is so extremely good at dedicating the time and putting the effort to achieve amazing things like we’ve seen with security.txt, part of the safe-harbor discussions, and like so many other things. […] But also he is so extremely selfless. Like most of the work he does is about helping others succeed and like that mentality is just like amazing to me. He has helped on the triage side, the hacker side, the policy side … I mean it’s just amazing to see what he’s done.”

Jobert Abma, Co-founder of HackerOne

“@EdOverflow and @uraniumhacker were the first people to help me out when I had no idea what I was doing.”

Eray Mitrani, Security Engineer at Meta

“[Ed] is prompt precise and the kind of person that contributes well.”

GlobaLeaks, in response to a series of valid bug bounty reports

Publications

“CI Knew There Would Be Bugs Here” — Exploring Continuous Integration Services as a Bug Bounty Hunter (2019)

When it comes to bug bounty hunting and finding exciting areas to explore, it is vital to familiarise yourself with the technologies vendors, and companies rely on. One particularly interesting environment that caught my team’s eye was popular integrations used by various open-source projects, primarily as part of their development life cycle. Some continuous-integration services turned out to be extremely rewarding for us as bug bounty hunters.

This publication was was voted among the “Top 10 web hacking techniques of 2019” and received a Pwnie Award nomination at Black Hat 2019.

Read more…

An analysis of logic flaws in web-of-trust services (2018)

Web-of-trust services (WOT) such as Keybase, Onename, and Blockstack promise to verify individuals’ identities on the web. Since many applications on the web are not consistent this often leads to unintended behaviour and therefore security vulnerabilities in web-of-trust services. In this piece of research, I explored a series of novel attack vectors against web-of-trust services.

Read more…