TopCode.com is a website where the most skilled top coders around the world are solving challenges, Competing and writing codes to achieve a specific tasks. Top high profile companies like (Facebook, Google, Twitter, etc..) are getting help from such websites in their recruitment process!
Continue reading “TopCoder.com Vulnerabilities – A tail of site-wide bugs leads to accounts compromise & payments hijacking”
Your privacy on the internet is the biggest concern ever and when it comes to “Dating websites” and “Social Networks” it means more and more!
Let me tell you a story of two websites that don’t respect yours and putting it on danger…
Continue reading “When your privacy disclosure is a “feature” not a “bug” – Badoo & HotorNot failure!”
Fiverr.com, a global online marketplace which provides a platform for people to sell their services for five dollars per job, is vulnerable to a critical web application vulnerability that puts its millions of users at risk.
Fiverr raised $30 million in a third round of institutional funding to continue supporting the new version of its marketplace, but the company ignored the advance warning of the critical bug reported responsibly by a vulnerability hunter and fails to patch up their website before his public release.
Continue reading “Fiverr.com Full Accounts Takeover – A Vulnerability Puts $50 Million Company At Risk”
My name is Mohamed Abdel Aty, an Egyptian Web Developer & Bug Hunter, Today I would like to share with you a “cute” bug I found while doing some bug hunting in Facebook.
Testing different sub-domains is a common procedure in bug hunting , while searching the domain “mbasic.facebook.com” I noticed this link
Continue reading “Facebook Vulnerability – a “Cute Bug” that reveals the “likes” of deleted posts regardless of their privacy settings”
Facebook is the largest social network ever known on the internet, People are using Facebook for contacting friends, Family and sometimes for Work!
When it comes to Work that means an important notifications from your company’s page, work account, work admins, business accounts, etc…
Continue reading “Facebook movies recommendation vulnerability – A bug capable of erasing all your important notifications!”
Hello Geeks and Security Evangelists,
My name is Mohamed Abdelbaset Elnoby, Just another Senior Information Security Researcher and Web Application Pentester in the world 😀 , Today I would like to show you a “hilarious” Broken Authentication bug I found in ESET website specifically in their “Antivirus Product Activation Process” that allowed me to generate millions of valid paid Licenses of “ESET Nod32 Antivirus” as per their description “Our award-winning security software offers the most effective protection available today” for free.
(Yes “hilarious” is in bold, it’s not a formatting mistake but you will know why at the end of the story)
Continue reading “A Hilarious ESET Broken Authentication Vulnerability (one click free purchase)”