17 April 2013

Stored XSS In Facebook Chat, Check In, Facebook Messenger

17 April 2013,
 15

A Few of My Favorite Facebook Stored XSS Findings Today, I’m going to share a few of my favorite Stored XSS Findings in Facebook […]


3 April 2013

The Unfix Bug in Facebook OAuth

3 April 2013,
 10

For starters, I want to reiterate that I have finished my tenure with Bug Bounty Programs, but, as promised, I will continue to publish […]


29 March 2013

How I Hacked Any Facebook Account…Again!

29 March 2013,
 10

  This post is the second one I’ve done in regard to Facebook OAuth Vulnerabilities. But, just so everything’s clear from the start, no […]


29 March 2013

How I Hacked Facebook OAuth To Get Full Permission On Any Facebook Account (Without App “Allow” Interaction)

29 March 2013,
 4

  Hello there, I’ve decided to share one of my favorite flaws in facebook.com. This flaw essentially let me take over any Facebook account. […]


29 March 2013

How I Hacked Facebook Employees Secure Files Transfer service (http://files.fb.com)

29 March 2013,
 9

Hi, I wanted to share some of my findings in regard to the Password Reset logic flaw in the Facebook Secure Files Transfer for […]