 
				
						Thomas Stacey
						Application Security Auditor, Outpost24
					
									Thomas is an Application Security Auditor with Outpost24. He is a highly skilled penetration tester and security researcher with expertise in web application testing with over five years of experience. He is a Burp Suite practitioner, a full-time Lego enthusiast, and loves to share his knowledge with others.
								Application Security
								06 Sep 2023
							
							During a recent customer engagement, I came across an instance of a rather rare vulnerability class called HTTP request smuggling. Over the course of several grueling days of exploit development, I was eventually able to abuse this vulnerability to trigger…
						
								Application Security
								08 Mar 2023
							
							How an Account Takeover vulnerability, discovered during a routine customer engagement, became a candidate for responsible disclosure, via the Microsoft Security Research Center Researcher Portal. In December 2022, when testing a customer’s instance of the Azure API Management (APIM) Developer…
						
