My name is Enguerran Gillier, and I am a security researcher and entrepreneur.

I reported vulnerabilities to Google, Facebook, WordPress, Uber, PayPal and many more. You can find me on Twitter, LinkedIn, HackerOne, Bugcrowd and… in Paris.

My primary target is client-side web vulnerabilities, both in JavaScript and Flash. I try to hunt bugs my own way, looking deep in the client source code where current scanners are not efficient. I am developing a taint-tracking Chrome extension to find DOM XSS in JavaScript applications. It has good results and I will release the code on GitHub later.

In this blog I publish technical write-ups for some of my findings, hoping to help the developer and security community make the web a safer place!