Shuva SahaInstagram and Meta 2FA Bypass by Unprotected Backup Code Retrieval in Accounts CenterHello, I'm Shuva Saha (scriptshuva). Today, I will be discussing a vulnerability I discovered: bypass of two-factor authentication (2FA)…Aug 224
Saugat PokharelStealing First Party Access Token of Facebook Users: Meta Bug BountyHi, I am Saugat Pokharel from Kathmandu, Nepal. I am going to talk about one of my findings on Facebook. The vulnerability led to the…Jul 301
Gtm MänôzDisclose the email address and phone number of chinese business resellerThere is a XController that shows the resellerInfoSpecMap of a Chinese business reseller. The resellerInfoSpecMap contains email address…Jul 111Jul 111
InInfoSec Write-upsbySamip AryalHow I could’ve easily bypassed the 2FA security of Instagram once again?…Feb 21, 20224Feb 21, 20224
Vijay GuptaFacebook Bug BountyIn today’s digital age, where our lives are intertwined with technology, cybersecurity has become paramount. As we navigate through the…Apr 13Apr 13
Shuva SahaInstagram and Meta 2FA Bypass by Unprotected Backup Code Retrieval in Accounts CenterHello, I'm Shuva Saha (scriptshuva). Today, I will be discussing a vulnerability I discovered: bypass of two-factor authentication (2FA)…Aug 224
Saugat PokharelStealing First Party Access Token of Facebook Users: Meta Bug BountyHi, I am Saugat Pokharel from Kathmandu, Nepal. I am going to talk about one of my findings on Facebook. The vulnerability led to the…Jul 301
Gtm MänôzDisclose the email address and phone number of chinese business resellerThere is a XController that shows the resellerInfoSpecMap of a Chinese business reseller. The resellerInfoSpecMap contains email address…Jul 111
InInfoSec Write-upsbySamip AryalHow I could’ve easily bypassed the 2FA security of Instagram once again?…Feb 21, 20224
Vijay GuptaFacebook Bug BountyIn today’s digital age, where our lives are intertwined with technology, cybersecurity has become paramount. As we navigate through the…Apr 13
InPenTester NepalbyRikesh BaniyaFacebook email disclosure and account takeoverI have a preference for apps over web when it comes to hunting, so in January I decided to dive deep into apk endpoints hoping to find…Sep 8, 20213
