Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

Ability To Delete User(s) Account Without User Interaction - 434

Hx01 Posted 4 Years Ago
  • GitLab allows users to delete their account. In order to do this, you need to send an email to somebody.
  • The issue is that the email verification and deletion are done by humans. Because the sending address can be spoofed, it is trivial to delete any user's account.
  • Bugs are not always technical! Sometimes, it is just a lapse in the attack surface.