Rafay Baloch has been conducting security research for over 6 years. His core research includes bypassing client/server side protections such as WAF and other security mechanisms. He is the author of "Ethical Hacking and Penetration Testing Guide" and has also written several papers on information security, namely "HTML5 Modern Day Attack Vectors" and "Web Application Firewall Bypass." Rafay has helped many organizations find vulnerabities and has produced hundreds of responsible disclosures. He is best known for finding a remote code execution vulnerability inside PayPal for which he was awarded. He also uncovered several zero days in Android browsers, for which he was listed as one of the top 25 threat seekers of 2014 and top 5 ethical hackers of the world by Checkmarkx. Rafay is an active participant in bug bounty programs and is listed in many "Halls of Fame" including Google, Facebook Microsoft, Twitter, and Dropbox.
