Projects I have or am working on right now from Arduino and Pi to Golf and Motors.
After looking into the website for basic vulnerabilities for SQL injection and XSS I looked at the cookies as I always do and was horrified.
I found they were storing people passwords in plain text in a normal cookie.
Working with them to identify and close this gaping hole on Christmas Eve!
After testing Evolutions website widget for a company I was working for revealed that I could manipulate their website to produce a finance quote for any amount of money, on whatever APR and over however long I wanted it for.
But it did not stop there, I also proved a cross site scripting attack, even posted a picture of the guy I was talking to on his website.
They finally took the warnings that their site was highly compromisable and an easy hack, but not before me having to prove and provide a webpage that they could use to show the hack.