Infiltrate Security Conference OPEN CFP

Thomas Shadwell

Thomas Shadwell (zemnmez)


I'm an application security engineer at Twitch. I'm best known for breaking things I like using including reporting 120 vulnerabilities in Steam, breaking Steam's login encryption or getting XSS, then remote code execution in Mr Robot's website. I have a special interest in the interactions of web protocols leads to unintended side effects. My most well-publicized work on this was probably my deanonymization attack leveraging CSP to discover Facebook user identities.

Back to Open CFP

Interested in Speaking?

We are pleased to announce the Call For Papers for INFILTRATE 2018 is now open. If you would like to present and have an offense-focused-fresh-content presentation, please submit an abstract, Bio and headshot to This information will be included on our Open CFP site, here, where the public can vote on which presentations they are most interested in seeing at INFILTRATE. Call for papers will close on December 14th, 2017. Shortly after this date, the winning speakers will be notified.

Some of the benefits of speaking at INFILTRATE are: