Kevin Mizu
Security researcher at Bisecure, specializing in web application security and DOMPurify bypasses. Known for his research on DOMPurify and the creation of Domlogger++.
Best podcasts with Kevin Mizu
Ranked by the Snipd community
Feb 20, 2025 • 1h 49min
Episode 111: How to Bypass DOMPurify in Bug Bounty with Kevin Mizu
Kevin Mizu, a security researcher at Bisecure specializing in web app security, discusses the critical vulnerabilities associated with DOMPurify. He explores dangerous allow-lists, improper sanitization techniques, and the significance of managing configurations. Mizu shares insights into his own bug bounty experiences, including the exploitation of misconfigured regex patterns and the nuances of Unicode normalization. The conversation emphasizes creative thinking in cybersecurity and the intricate methods used to bypass HTML sanitization, underscoring the complexity of maintaining web application security.