I'm the founder of Seats.aero, a site for discovering flights with points and miles. Outside of work, I do security research on bug bounties, transportation, and other interesting areas.

links

Twitter

Mastodon

HackerOne

Bugcrowd

Seats.aero

posts

Would you like an IDOR with that? Leaking 64 million McDonald’s job applicationsBypassing airport security via SQL injectionSecurity concerns with the e-Tugra certificate authorityExploiting Redash instances with CVE-2021-41192Introducing CookieMonster: a tool for breaking stateless authenticationExploiting outdated Apache Airflow instances in bug bountiesHow MarkMonitor left >60,000 domains for the taking

ian carroll

links

posts