29 March 2013

Another Stored XSS in Facebook.com

Hi, I wanted to share my finding in regard to Stored XSS in Facebook.com. First, I need to state that finding any Stored XSS […]


29 March 2013

FusionChart 2013 Flash New Attacking Vectors

Below, you’ll find my finding in regard to FusionCharts Vulnerabilities: A) I found that it was possible for an attacker to execute an XSS attack […]


29 March 2013

How I Hacked Any Blogger Account

This is the first post on my blog and will also be the first post to detail my ability to find security vulnerabilities in the Google […]


31 December 2012

Hack in The Box 2012

Killing a bounty program, Twice (HITB 2012 Slides) by Nir Goldshlager, Itzhak (Zuk) Nir Goldshlager Killing a bug bounty program – twice Hack In […]


31 December 2012

swfupload.swf XSS

Hi, just want to share my finding. I found another XSS vulnerability in swfupload.swf. PoC: http://demo.swfupload.org/v220/swfupload/swfupload.swf?buttonText=%3Ca%20href=%22javascript:alert%28top.location%29%22%3EClick+For+XSS%20%3Cfont%20size=%2216%22%3E%3C/a%3E Vulnerable Parameter: buttonText. Vulnerable Code: […]