I'm the founder of Seats.aero, a site for discovering flights with points and miles. Outside of work, I do security research on bug bounties, transportation, and other interesting areas.

links

Twitter

Mastodon

HackerOne

Bugcrowd

Seats.aero

posts

Hacking Formula 1: Accessing Max Verstappen's passport and PII through FIA bugsWould you like an IDOR with that? Leaking 64 million McDonald’s job applicationsBypassing airport security via SQL injectionSecurity concerns with the e-Tugra certificate authorityExploiting Redash instances with CVE-2021-41192Introducing CookieMonster: a tool for breaking stateless authenticationExploiting outdated Apache Airflow instances in bug bountiesHow MarkMonitor left >60,000 domains for the taking

ian carroll

links

posts