Neal Poole

Archives

Mon 31 January 2011
How Does Cross-Site Scripting Become Arbitrary Code Execution? An Ode to the Oft-Maligned Referer Header
Fri 14 January 2011
HTTP Response Splitting on reddit.com
Mon 10 January 2011
Google Vulnerability Reward Program: Feedburner CSRF
  • About Me

    My name is Neal Poole. I'm interested in web application security. I'm a Security Engineer on the Product Security team at Facebook. My posts are my own and do not necessarily reflect the views and opinions of my employer.
