Developer Program Member Security Bug Bounty Hunter

Organizations

@sakurity @truefactor

Pinned repositories

  1. cobased

    Truefactor + Ruby on Rails demo

    Ruby 2

  2. sakurity/truefactor

    Truefactor Web Client

    JavaScript 3

31 contributions in the last year

Contribution activity

March 2017

Created an issue in sequelize/sequelize that received 3 comments

Hash injection (security)

Using specially crafted requests we can trivially bypass secret_token protections on websites using sequelize. Many people have code like this db.T…