TannerExploiting Application Logic to Phish Internal Mailing ListsTasked with performing a Red Team engagement on a tech company, I had to get creative to phish my way into their most critical assets.Jan 13, 2023Jan 13, 2023
TannerUsing a GitHub app to escalate to an organization owner for a $10,000 bountyI’m going to walk through a simple yet high-impact privilege escalation I landed on while poking around…Jun 20, 20182Jun 20, 20182