Lyubomir Tsirkov[Netflix][Smart TV] — Chaining Self-XSS with Session poisoning.I’d like to share my experience of discovering an interesting vulnerability on Netflix while using their TV application. 7 min read·Mar 11, 2023--1--1
Lyubomir TsirkovOSCP Preparation 2021 — Learning PathLike a lot of the people who passed the exam, I am also going to share some thoughts about it … I will be brief.5 min read·Feb 12, 2021----
Lyubomir Tsirkov[GITLAB] — Denial of service via “Login Panel” functionality.After reporting the SSRF issues, I proceeded to explore the application. It was a matter of time to discover something else … A few hours…2 min read·Feb 12, 2021----
Lyubomir Tsirkov[GITLAB] — Just another SSRF issue.Today I am going to talk about the second SSRF vulnerability that I have identified in Gitlab. Just to emphasize again that I’ve never…2 min read·Feb 12, 2021----
Lyubomir Tsirkov[GITLAB] — Server Side Request Forgery in “Project Import” page.I decided to share a story about my first bug bounty earned in HackerOne. It’s about SSRF vulnerability that had been previously exploited…2 min read·Feb 12, 2021--1--1