If dev.to was not open source, would you still be able to find this discovery? How much more effort? Using different approach? Thanks
Without the website being open source, I would have to perform a black box audit, and finding those vulnerabilities is definitely possible but might require more time.
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.
Auth With Twitter
Auth With GitHub
re: Pwned Together: Hacking dev.to VIEW POST
FULL DISCUSSIONIf dev.to was not open source, would you still be able to find this discovery? How much more effort? Using different approach? Thanks
Without the website being open source, I would have to perform a black box audit, and finding those vulnerabilities is definitely possible but might require more time.