https://whitton.io/archive/my-experience-with-the-paypal-bug-bounty-programme/ 2012-10-12T00:00:00+01:00 https://whitton.io/archive/redirects-relative-protocols/ 2012-10-16T00:00:00+01:00 https://whitton.io/archive/vodafone-no-pasting-into-password-fields/ 2012-10-30T00:00:00+00:00 https://whitton.io/archive/persistent-xss-on-myworld-ebay-com/ 2013-01-27T00:00:00+00:00 https://whitton.io/archive/framing-part-1-click-jacking-etsy/ 2013-02-05T00:00:00+00:00 https://whitton.io/articles/stealing-facebook-access-tokens-with-a-double-submit/ 2013-04-13T00:00:00+01:00 https://whitton.io/articles/overwriting-banner-images-on-etsy/ 2013-05-21T00:00:00+01:00 https://whitton.io/articles/hijacking-a-facebook-account-with-sms/ 2013-06-26T00:00:00+01:00 https://whitton.io/articles/removing-covers-images-on-friendship-pages-on-facebook/ 2013-09-25T00:00:00+01:00 https://whitton.io/articles/content-types-and-xss-facebook-studio/ 2013-10-21T00:00:00+01:00 https://whitton.io/articles/instagrams-one-click-privacy-switch/ 2013-10-31T00:00:00+00:00 https://whitton.io/articles/cookie-stealing-on-customer-internet-connections/ 2013-11-19T00:00:00+00:00 https://whitton.io/articles/abusing-cors-for-an-xss-on-flickr/ 2013-12-12T00:00:00+00:00 https://whitton.io/articles/safecurl-ssrf-protection-and-a-capture-the-bitcoins/ 2014-05-19T00:00:00+01:00 https://whitton.io/articles/safecurl-capture-the-bitcoins-post-mortem/ 2014-05-26T00:00:00+01:00 https://whitton.io/articles/bug-bounties-101-getting-started/ 2014-07-29T00:00:00+01:00 https://whitton.io/articles/bypassing-google-authentication-on-periscopes-admin-panel/ 2015-07-20T00:00:00+01:00 https://whitton.io/articles/messenger-site-wide-csrf/ 2015-07-26T00:00:00+01:00 https://whitton.io/articles/xss-on-facebook-via-png-content-types/ 2016-01-27T00:00:00+00:00 https://whitton.io/articles/uber-turning-self-xss-into-good-xss/ 2016-03-22T00:00:00+00:00 https://whitton.io/articles/obtaining-tokens-outlook-office-azure-account/ 2016-04-03T00:00:00+01:00 https://whitton.io/articles/from-researcher-to-engineer-and-beyond/ 2020-04-19T00:00:00+01:00 https://whitton.io/posts/ https://whitton.io/tags/ https://whitton.io/ https://whitton.io/about/ https://whitton.io/page2/ https://whitton.io/page3/ https://whitton.io/page4/ https://whitton.io/page5/