The Sakurity Blog

Dec 10, 2016 • Egor Homakov (@homakov)
Building Botnet on ServiceWorkers
Apr 16, 2016 • Egor Homakov (@homakov)
PrepCAPTCHA, for bots and pentesters
Aug 13, 2015 • Egor Homakov (@homakov)
Using Appcache and ServiceWorker for Evil
Jul 28, 2015 • Egor Homakov (@homakov)
Let's make Offline Web Applications secure!
Jul 18, 2015 • Egor Homakov (@homakov)
Why You Don't Need 2 Factor Authentication
Jun 25, 2015 • Egor Homakov (@homakov)
Puzzle #2: Really Curious XSS in Rails
Jun 4, 2015 • Egor Homakov (@homakov)
Mongo BSON Injection: Ruby Regexps Strike Again
May 21, 2015 • Egor Homakov (@homakov)
Hacking Starbucks for unlimited coffee
May 8, 2015 • Egor Homakov (@homakov)
Hacking Pusher with simple crypto vulnerability
Apr 10, 2015 • Egor Homakov (@homakov)
How to Fix Authentication: Email as a Password Manager
Mar 27, 2015 • Egor Homakov (@homakov)
Why you need to hash reset_token like password
Mar 15, 2015 • Egor Homakov (@homakov)
How "../sms" could bypass Authy 2 Factor Authentication
Mar 10, 2015 • Egor Homakov (@homakov)
ProfileJacking - legal tricks to detect user profile
Mar 5, 2015 • Egor Homakov (@homakov)
RECONNECT - critical bug in websites with Facebook Login
Mar 4, 2015 • Egor Homakov (@homakov)
Your API Authentication is insecure, and we'll tell you why
Mar 3, 2015 • Egor Homakov (@homakov)
Format Injection Vulnerability in Duo Security Web SDK
Feb 28, 2015 • Egor Homakov (@homakov)
Using open-uri? Check your code - you're playing with fire!
Jan 22, 2015 • Egor Homakov (@homakov)
Public report for Peatio
Jan 10, 2015 • Egor Homakov (@homakov)
Hacking a Bitcoin Exchange
Jan 1, 2014 • Egor Homakov (@homakov)
Puzzle #1