Krzysztof Kotowicz

IRL Name: 
Krzysztof Kotowicz

Krzysztof Kotowicz is a Web security researcher specialized in the discovery and exploitation of HTML5 vulnerabilities. He is the author of multiple recognized HTML5/UI redressing attack vectors. He is a speaker at international IT security conferences & meetings like SecurityByte, HackPra, Hack In Paris, CONFidence, Blackhat, OWASP, Tech Krakspot, etc. He takes part in multiple Security Bug Bounty programs (Google Security Bug Bounty, Facebook White Hat, Piwik Security Bug Bounty). He also blogs at


Author of XSS ChEF,a Chrome Extension Exploitation Framework

Author of PharUtil, a security-oriented utilities for Phar archives

He is listed in Google Security Hall of Fame.