PortSwigger researcher Gareth Heyes is probably best known for his work escaping JavaScript sandboxes, and creating super-elegant XSS vectors. When he's not authoring books (like the recent title, JavaScript for hackers), Gareth is a father to two wonderful girls and husband to an amazing wife, as well as an ardent fan of Liverpool FC.
In his daily life at PortSwigger, Gareth can often be found creating new XSS vectors, researching new techniques to attack web applications, and preparing to speak at conferences around the globe. A recent highlight was his presentation "Server-side prototype pollution: Black-box detection without the DoS" at OWASP Global AppSec Dublin, 2023. He's also the author of PortSwigger's XSS Cheat Sheet. In his spare time he loves writing new BApp extensions (he's the creator of both Hackvertor and Taborator).