Roderick Schaefer

Popular pages

• My first month as a full-time bug bounty hunter | kciredor’s engineering and security blog

  Introduction Thank you for taking the time to read my first blog post. My name is Roderick Schaefer, known as kciredor in the exciting world of security bug bounties. I’m new and working hard to get v...

• Taking over every Ad on OLX (automated), an IDOR story | kciredor’s engineering and security blog

  Public disclosure Hi again! Thank you for reading my third blog post. Happy to share all the details with you on the Insecure Direct Object Reference attack (IDOR) as mentioned in my first blog. It ha...

• Fuzzing Adobe Reader for exploitable vulns (fun != profit) | kciredor’s engineering and security

  Binaries vs websites It has been half a year since my last blog post covering an IDOR in a website API. About time to write about something new and hopefully interesting! Having switched my focus from...

• Throwing 500 vm’s at your fuzzing target being an individual security researcher | kciredor’s

  Adobe Reader progress One year ago I blogged about my many attempts and failures at fuzzing Adobe Reader and finding exploitable security issues.

• First bounty, time to step up my game | kciredor’s engineering and security blog

  What happened Hello again and thanks for reading my second blog post! After publishing my first blog I kept on trying to hack different companies and websites. Not as easy as I had hoped for! It took ...

• kciredor’s information security blog | Security researcher. Software engineer. Independent. This

  Security researcher. Software engineer. Independent. This blog features my write-up’s on interesting research and security findings. Make sure you follow me on Twitter @kciredor_ to stay up to date on...