Categories bug bouties Exploiting a double-edged SSRF for server and client-side impact Automated monitoring of subdomains for fun and profit — Release of Sublert How I discovered a $1000 open redirect in Facebook appsec Exploitation of an SSRF vulnerability against EC2 IMDSv2 Exploiting a double-edged SSRF for server and client-side impact Automated monitoring of subdomains for fun and profit — Release of Sublert Python module UrlParse security inconsistency How I discovered a $1000 open redirect in Facebook software engineering Refactoring and deploying ASNLookup.com & REST API on AWS bug bounties Exploitation of an SSRF vulnerability against EC2 IMDSv2