Use this to build a quick GraphQL schema from Facebook Android and iOS apps This will give you a clue of what to test github.com/CajuM/fb-graph… #bugbountytips

An hour or more without WhatsApp and Facebook, you will still be talking or searching for Facebook . #facebookdown

<Meta name="bugbounty" content="Facebook, workplace,instagram ,oculus……">

Web browsers convert some unicode characters in domains to 2 or 3 ascii characters. Buying one of these domains is a good way to get a very short domain for XSS payloads. To check how different unicode characters map, check this repository: github.com/filedescriptor… #Bugbountytips

A blog by me & Pяαкαѕн discussing our findings we presented in Black Hat Europe #BHEU talk titled “Exploiting CSP in Webkit to break Authentication/Authorization”. Find out how we made more than $100k in bug bounties with a bug ignored by Apple. threatnix.io/blog/exploitin…

$100,500 Apple bug bounty 🤯 Safari UXSS, Gatekeeper bypass, local file execution, and filesystem access CVE-2021-30861 CVE-2021-30975 #bugbountytips #apple ryanpickren.com/safari-uxss

medium.com/@yaala/faceboo…

medium.com/@yaala/trim-pr…

So I was researching iMessage exploits and found this: blog.zecops.com/research/the-r… This blog mentions an OOBW in CoreGraphics CGDataProviderDirectGetBytesAtPositionInternal, a different bug from CVE-2021-30860 that was an int overflow in JBIG2 PDF parsing. Any more details on this?

After some testing in facebook rest code i see this Facebook Security

Instagram App Access Token philippeharewood.com/instagram-app-…

Here are the slides from the Meta iOS hunting talk from BountyCon in Singapore docs.google.com/presentation/d…

2022 is a good year for me and WC team moroccan 😁 Thanks Facebook Security m.facebook.com/whitehat/thanks

medium.com/@yaala/account…

Sometimes going back to old old versions is not a waste of time. A bug was found in 2022. Title : from username all contact points associated with that account were disclosed in the invalid login error message youtu.be/9-FuYzhBGvo

Solved! Chrome debugger was enabled and allowed access via http://localhost:9222/json. This allowed exfiltrating data from other users whosoever was hitting this headless chrome browser - more info here - chromedevtools.github.io/devtools-proto… Thanks everyone for the tips :)

According to the media, it is a "war crime" to bomb military targets in #Ukraine, but it is perfectly fine to bomb civilians in #Gaza. If the media won’t say it, I will. Israel is a TERRORIST state‼️ #ZionistTerror #Gaza_Genocide #IsraelGazaWar #GazaAttack #PalestineGenocide

I recently developed and posted about a technique called "First sequence sync", expanding James Kettle's single packet attack. This technique allowed me to send 10,000 requests in 166ms, which breaks the packet size limitation of the single packet attack. flatt.tech/research/posts…

Detect the NextJS middleware bypass directly in Burp Suite with this BCheck from eternalkyu gist.github.com/fourcube/45a78…

“Escalating Impact: Full Account Takeover in Microsoft via XSS in Login Flow” by Asem Eleraky melotover.medium.com/escalating-imp…