My name is Maciej Pulikowski and I'm a 🧙 Software Engineer / 🤖 Fullstack Developer and 👾 Security Researcher (🏆 8 x Google's Hall of Fame)
I am glad you are here. ✌️ Where I share my knowledge about programming and cybersecurity that may help others 😊
18th December 2021
LOG4J Java exploit - WAF and patches bypass tricks
14th July 2022
List of secrets, passwords, API keys, tokens stored inside a system environment variables.
Write-up - [CVE-2022-0337] [Reward: $10.000] System environment variables leak on Google Chrome, Microsoft Edge and Opera
19th March 2022
Successful exploitation of this vulnerability can lead to the leak of users secrets stored inside a system environment variables. A security bug was found in Chromium 92 version and patched in 97 version. There are several web browsers based on the chromium engine, for instance, Google Chrome, Microsoft Edge, Opera, and Brave. All of them were vulnerable, except for Brave. The vulnerability is in the File system access API, more specifically in window.showSaveFilePicker() method.