re: Pwned Together: Hacking dev.to VIEW POST

FULL DISCUSSION
 

If dev.to was not open source, would you still be able to find this discovery? How much more effort? Using different approach? Thanks

 

Without the website being open source, I would have to perform a black box audit, and finding those vulnerabilities is definitely possible but might require more time.

code of conduct - report abuse