Facebook SMS Captcha Was Vulnerable to CSRF AttackThis post is about an bug that I found on Meta (aka Facebook) which allows to make any Endpoint as POST request in SMS Captcha flow which…Oct 17, 2022A response icon2Oct 17, 2022A response icon2
Contact Point Deanonymization Vulnerability in MetaThis post is about an bug that I found on Meta (aka Facebook) which used to find a linked Primary email address of a account using mobile…Apr 28, 2022A response icon2Apr 28, 2022A response icon2
Confirming any new Email Address bug in Facebook (Part-4)This post is about an bug that I found on Facebook which used to Confirming any email address in new Facebook account by using IP and…Aug 17, 2021A response icon1Aug 17, 2021A response icon1
How to Rotate IP ADDRESS For Each Request in Burp SuiteThis post is about to explain how to rotate IP address for each request using Burp Suite.Aug 17, 2021A response icon2Aug 17, 2021A response icon2
Delete Any Photos In FacebookThis post is about an bug that I found on Facebook which used to delete any publicly visible photos by editing the series featureNov 3, 2020A response icon1Nov 3, 2020A response icon1
Reveal the page admin that uploaded a video on the page in comment sectionThis post is about an bug that I found on Facebook which used to disclose the page role person’s User ID when posted a video on comment…Nov 2, 2020Nov 2, 2020
Disable Any Unconfirmed Account in FacebookThis post is about an bug that i found on Facebook which used to Disable any new unconfirmed account in Facebook by using IP Rotation…Nov 21, 2019A response icon1Nov 21, 2019A response icon1
CSRF Email Confirmation Vulnerability for Gmail & G-Suite in FacebookThis post is about an bug that i found on Facebook which used to verify any new Gmail and G-Suite account with minimal Victim’s…Jul 16, 2019A response icon1Jul 16, 2019A response icon1
Bypass OAuth nonce and steal oculus response codeThis post is about an bug that i found on Facebook Oculus Application OAuth which could have been used to bypass nonce and steal…Nov 7, 2017A response icon1Nov 7, 2017A response icon1
Stealing Facebook MailChimp Application OAuth 2.0 Access TokenThis post is about an bug that i found on Facebook MailChimp Application OAuth 2.0 which could have been used to steal Access_token. and…Nov 7, 2017A response icon1Nov 7, 2017A response icon1
