Omid Rezaei

Senior Pentester

Security researcher and bug bounty hunter focused on practical exploitation in web and mobile targets.

— Posts 07 / 07
  1. 2026 · 02 · 23

    uXSS on Samsung Browser [CVE-2025-58485 · SVE-2025-1879]

  2. 2025 · 05 · 06

    Stealing oAuth Token via Referrer Policy Override

  3. 2024 · 11 · 22

    OAuth Non-Happy Path to ATO

  4. 2024 · 10 · 23

    A Weird CSP Bypass led to $3.5k Bounty

  5. 2023 · 11 · 17

    Hijacking OAuth Code via Reverse Proxy for Account Takeover

  6. 2023 · 10 · 21

    $9240 Bounty in 30 days Hunt Challenge

  7. 2023 · 10 · 14

    Uncovering a Command Injection, $2400 Bounty