He is known among computer security experts for his work on DNS cache poisoning, for showing that the Sony rootkit had infected at least 568,200 computers, and for his talks at the Black Hat Briefings.
In 2009, Kaminsky discovered numerous flaws in the SSL protocol. These included the use of the weak MD2 hash function by Verisign in one of their root certificates, and errors in the certificate parsers of Web browsers that allowed attackers to successfully request certificates for sites they did not control.
In April 2008, Kaminsky realised that a growing practice among ISPs potentially represented a security vulnerability: various ISPs had experimented with intercepting responses for non-existent domain names and replacing them with advertising content.
This could allow hackers to set up phishing schemes by attacking the server responsible for the advertisements and linking to non-existent subdomains of the targeted websites. Kaminsky demonstrated this process by setting up Rickrolls on Facebook and PayPal.
While the vulnerability initially used depended in part on Earthlink's use of Barefruit to provide its advertising, Kaminsky was able to generalise the exposure to attack Verizon by attacking its ad provider, Paxfire.
Kaminsky went public after working with the ad networks in question to eliminate the immediate cross-site scripting vulnerability.
On March 27, 2009, Kaminsky discovered that Conficker-infected hosts have a detectable signature when scanned remotely.
In June 2010, Kaminsky released Interpolique, a beta framework for addressing injection attacks such as SQL injection and cross-site scripting in a manner comfortable to developers.
On June 16, 2010, he was named by ICANN as one of the Trusted Community Representatives for the DNSSEC root.
Marc Rogers tweeted that Kaminsky was a force of nature who saw not just one or two moves ahead but so many you sometimes wondered if he was playing the same game.