A detailed writeup of discovering and exploiting an SSRF vulnerability through a proxy endpoint, highlighting the methodical approach to bypassing domain whitelists by discovering that the filter was *company.com instead of *.company.com, enabling exploitation via attacker-controlled AWS infrastructure.
A bug bounty writeup demonstrating methodology for finding Cross-Site Script Inclusion (XSSI) and JSONP vulnerabilities by filtering JavaScript files in Burp Suite for sensitive data exposure, with specific examples of exploiting PII leakage through script inclusion without CORS protection. The author shares practical techniques for identifying JSONP callbacks and bypassing Content-Type protections.
An essay exploring the value of 'stupid questions' in mathematical research and learning, using an example of a flawed probability question about coin tosses that led to discovering a new way to estimate π/4 through collaboration with ChatGPT.
METR researchers find that approximately 50% of SWE-bench-passing AI-generated pull requests would not be merged by real repository maintainers, with a 24 percentage point gap between automated benchmark scores and maintainer merge rates. The research uses 4 actual open-source maintainers reviewing 296 AI patches across 3 repositories to quantify the difference between benchmark performance and real-world code quality expectations.
An analysis of mutational grammar fuzzing techniques, discussing both effectiveness and inherent limitations in coverage-guided fuzzing approaches, with practical improvements for finding complex bugs in XSLT and JIT engines.