Dawid Czagan

Dawid Czagan (@dawidczagan) has found security vulnerabilities in Google, Yahoo, Mozilla, Microsoft, Twitter, BlackBerry and other companies. Due to the severity of many bugs, he received numerous awards for his findings. Dawid is founder and CEO at Silesia Security Lab, which delivers specialized security auditing services with a results-driven approach. He also works as Security Architect at Future Processing. Dawid shares his bug hunting experience in his workshop entitled "Hacking web applications - case studies of award-winning bugs in Google, Yahoo, Mozilla and more". To find out about the latest in Dawid's work, you are invited to visit his blog (https://silesiasecuritylab.com/blog) and follow him on Twitter (@dawidczagan).

Tunneling, Crypto and VPNs
By Dawid Czagan on April 23, 2015
Bypassing Packet Filters with IP Fragmentation Overlapping
By Dawid Czagan on April 20, 2015
- Ethical Hacking Basics
- Network Security
HTTPS and Mixed Content Vulnerability
By Dawid Czagan on January 8, 2015
- Vulnerabilities
Cookies with Secure Flag: Undesired Behavior in Modern Browsers
By Dawid Czagan on August 11, 2014
Effective Risk Reduction
By Dawid Czagan on May 27, 2014
Qualitative Risk Analysis with the DREAD Model
By Dawid Czagan on May 21, 2014
Cookies with HttpOnly Flag: Problem in Some Browsers
By Dawid Czagan on April 7, 2014
Securing Cookies with HttpOnly and secure Flags
By Dawid Czagan on March 6, 2014
The Importance of Session Regeneration
By Dawid Czagan on February 19, 2014
Session Randomness Analysis with Burp Suite Sequencer
By Dawid Czagan on January 24, 2014
From CSRF to Unauthorized Remote Admin Access
By Dawid Czagan on January 21, 2014
- Access Control
Non-repudiation and digital signature
By Dawid Czagan on January 9, 2014
Attacking LAN hosts with ARP spoofing
By Dawid Czagan on January 8, 2014
Fuzzing for SQL injection with Burp Suite Intruder
By Dawid Czagan on November 8, 2013
- SQL Injection
Quantitative Risk Analysis
By Dawid Czagan on November 4, 2013
- Risk Management
Understanding Session Fixation
By Dawid Czagan on October 31, 2013
Symmetric and Asymmetric Encryption
By Dawid Czagan on October 23, 2013
CSRF Proof of Concept with OWASP ZAP
By Dawid Czagan on October 14, 2013
Online Dictionary Attack with Hydra
By Dawid Czagan on September 13, 2013
Using Hashes in Computer Security
By Dawid Czagan on September 5, 2013

1
2
Next
Page 1 of 2

Tunneling, Crypto and VPNs

Bypassing Packet Filters with IP Fragmentation Overlapping

HTTPS and Mixed Content Vulnerability

Cookies with Secure Flag: Undesired Behavior in Modern Browsers

Effective Risk Reduction

Qualitative Risk Analysis with the DREAD Model

Cookies with HttpOnly Flag: Problem in Some Browsers

Securing Cookies with HttpOnly and secure Flags

The Importance of Session Regeneration

Session Randomness Analysis with Burp Suite Sequencer

From CSRF to Unauthorized Remote Admin Access

Non-repudiation and digital signature

Attacking LAN hosts with ARP spoofing

Fuzzing for SQL injection with Burp Suite Intruder

Quantitative Risk Analysis

Understanding Session Fixation

Symmetric and Asymmetric Encryption

CSRF Proof of Concept with OWASP ZAP

Online Dictionary Attack with Hydra

Using Hashes in Computer Security