About me

I'm a web security researcher specializing in discovery and exploitation of HTML5 vulnerabilities. I've been lucky to discover a few recognized HTML5/UI redressing attack vectors. I have a solid web application development background in creating secure e-commerce systems, intranet and social networking applications. As a day-to-day job, I'm a member of Google Security Team.

I do some bughunting from time to time with varying success (I'm listed in Google Security Hall of Fame), sometimes I speak at IT security conferences and meetings (Black Hat, Hack In Paris, SecurityByte, HackPra, OWASP AppSec, BruCon).

Of course, whatever is written in this blog expresses my viewpoint, and not one of my employer.

My open source projects



Contact: kkotowi|REMOVE|cz at gmail dot com