Corben Leo
I enjoy hacking, building, and analyzing things.
I'm a co-founder of Boring Mattress Co.[EXT]↗see what we've built
Since 2016, I've been hacking organizations like the DoD, PayPal, Facebook, Google, Microsoft, Apple, etc. through bug bounties.
Writing & Research
#
Title
Published
01
A $1,000,000 bounty? The KuCoin User Information Leak
02
Adapting to Endure – A Summary.
03
A Simple SQL Injection in an Air Force Website
04
A Fun SSRF through a Headless Browser
05
Learn to Hack Web Apps
06
Exposed Jenkins to RCE on 8 Adobe Experience Managers
07
Analysis of an Atlassian Crowd RCE - CVE-2019-11580
08
CI Knew There Would Be Bugs Here
09
XSS to XXE in Prince v10 and below (CVE-2018-19858)
10
Advanced CORS Exploitation Techniques
11
Chaining Bugs to Steal Yahoo Contacts!
12
Hacking the Hackers: Leveraging an SSRF in HackerTarget
13
SQL Injection in rog.asus.com
14
Tricky CORS Bypass in Yahoo! View
15
H1-212 CTF Solution.pdf
16
PHP Code Injection in X-Cart
17
Stored XSS in Bandcamp
18
Multiple XSS & CSRF in Pulse Connect Secure v8.3R1
19
Reflected & Stored XSS in Invision Power Board
20
Remote Code Execution in AT&T
21
XSS in mail.aol.com
22