- iOS Safari, Content-Type, and XSS26 Apr 2013
- Browser Event Hijacking14 Nov 2012
- DLP Circumvention -- A Demonstration of Futility20 Jul 2012
- Command Injection without Spaces05 Jul 2012
- Nice DNS Spoofing Tool20 Jun 2012
- CVE-2012-0053 Exploit16 Jun 2012
- httpShell Whitepaper25 Apr 2012
- Abusing Password Managers with XSS25 Apr 2012
- ShrtXSS19 Apr 2012