A good friend😉 suggested me to learn GraphQL and just when I was looking for resources, HOW TO GRAPHQL was launched.

I went with fundamentals of GraphQL in it and found Graphene later. It’s a GraphQL framework for Python. I was more interested in Graphene-SQLAlchemy.

So I learned those stuff as well and came out with a simple project for using GraphQL with Python-Flask using Graphene-SQLAlchemy.

In the demo project I created a simple table “users” with field id, name, email, username. And, created a schema(schema.py) to


I bought a new iPhone 7 on the 10th Anniversary of iPhone and tried a couple of stuff with the ARKit 👨‍💻.

To get started with ARKit + Unity try this tutorial. And for ARKit + SceneKit go with this one.

First I went with creating a 2D scene in which you can add random emoji to the world by tapping on the screen. It was using SpriteKit.

Then I was creating few apps based on 3D models with SceneKit. The best one among them is Green Work Space 🌳.

I tried to do the above one…


Update(1 Dec 2016): According to intellectual property claim from Snap Inc. I’m not allowed to use the word “Snap”, ”ghost & spectacles emoji’s”. So renamed SnapView to RoundView and moved the site to roundviewapp.heroku.com 💛.

Old 💛

RoundView is a simple tool to make your videos look like recorded using Spectacles. I made SnapView because of a tweet from 😺

How it works?


After Chrome & Firefox, most people use Safari. And on Jan 20 I reported a vulnerability to Apple Security team and it’s related to Safari Safe Browsing.

Usually when a user visits a malware website, Safari will block and alert the user. And I was trying to bypass the alert. The first attempt I made is old-school technique, that is I used the server IP and I was shocked seeing the result, it worked :O.

So an attacker can share malware website IP to compromise the end-user and Safari will not detect it.

I tried to visit http://murielsa.com/ and it…


Facebook Groups chat bug , this was the bug which made my name to reach few people :P .

In Facebook groups feature any member of a group can start a chat with all the group members with two condition

1)The group should have less members.

2)The person who start the chat should be a member of that group.

But I found a bug with which I can break those two conditions.

Steps :


Recently I was working with Facebook Graph API and found this bug. Facebook Group (https://developers.facebook.com/docs/graph-api/reference/v2.2/group) & Groups Docs graph API(https://developers.facebook.com/docs/graph-api/reference/v2.2/group/docs) states that
1) user_groups permission to retrieve any groups that the session user is a member of.
2) Any valid access token if the group is public (i.e. the group’s privacy setting is OPEN)
3) A user access token for a member of the group with user_groups permission. (Group Docs)

But they aren’t working as expected. We can get group docs content and closed group info in which the user is a member with an access token in which user_groups…

Rahul M

Developer/Whitehat ~ 🍎 WWDC 2017 Scholarship Winner ~ Found security bugs in Apple, Amazon, Facebook, Google, Yahoo, UnitedAirlines & much more. www.rahulm.me

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store