ruby nealon
hacker and security consultant based in japan.
contact
- email: ruby (at) ruby (dot) sh
- fingerprint: DC8ACFF3AD1C6D3F007EECE5610C353FE280661B
writing
- nist, 2020 - CVE-2020-11694 JetBrains PyCharm advisory
- twitter, 2020 - JetBrains included their Apple code-signing and artifactory credentials in PyCharm builds
- assetnote, 2019 - Getting access to Zendesk’s Google Cloud and Artifactory from GitHub dotfile repos
- hackerone, 2019 - Leaked artifactory_key, artifactory_api_key, and gcloud refresh_token via GitHub.
- tokyo, 2018 - Hack me if you can: inside the world of bug bounty hunting
- nist, 2017 - CVE-2017-16755 / CVE-2017-16756 (HelpSpot disclosure)
- hackerone, 2016 - Incoming email hijacking on sc-cdn.net (Snapchat)
- medium, 2016 - First thoughts and a quick setup guide on Bash for Windows
- medium, 2016 - Watch Paint Dry: How I got a game on the Steam Store without anyone from Valve ever looking at it.
- medium, 2015 - Offensive Security’s “Penetration Testing with Kali Linux” Course — and why it’s possibly the best way to get started in InfoSec
links