Hello Everyone, I have a story for you today. It primarily will be about a GraphQL vulnerability I was recently awarded for though a public program hosted on BugCrowd’s platform. This program doesn’t allow for disclosure so I may be redacting or editing where needed to stay within “the rules” :). It also will touch on a little strong-arming I felt I had to do, to ensure my bounty payout was appropriate.

So to quickly get everyone up to speed… GraphQL is a technology that allows for database query and manipulation via API interactions. It was developed by Facebook and…


Hi All, First Medium article, woohoo! I was writing a WordPress blog independently for some time and fell off from updating it. I’ve learned a whole bunch since then.

Today I want to talk about a fun little project I was working on, and also a little unexpected experiment I decided to do once I had the project up and running. The project was a SlackBot. For those of you who area not familiar with Slack, it is basically an instant messaging platform used by organizations and individuals around the world. It supports many of the major features you would…

N0ur5

Pentester, bug hunter, red/purple teamer, all that good stuff.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store