If you regularly monitor bug bounty reports, you’ve seen “JavaScript prototype pollution” titles. Nikita Stupin decided to dig deeper into the category of vulnerabilities, impacting JavaScript applications, and prepared the practical guide of its discovery and exploitation. Soon we will also prepare an English version of the paper, but currently, you have to manage by yourself to translate it.
Denis is the Director of Security and Test Technology Center at Huawei, where he leads the team of top-talented experts focused on enabling innovation in trustworthiness for core products and services.