Exploiting Instagram Api’s

Hello Friends it been a while i have blogged well this time i am writing about one of mine old  issue .I was checking instagram  but still so as whitehat by heart i was straight into testing the privacy/security measures of it .xss,csrf,oauth issues were fixed and being hunted down by other folks 😛  so […]

Deleting Facebook Event&Group cover pics

Hi Friends 🙂 Here is a small logical flaw with facebook at event and group corner. title should be deleting facebook event&group cover pic with image id reference flaw Facebook  use numerical id’s  to identify each objects like video,url,feed,photos,event,groups etc  .So i was checking the event corner and i got a logical flaw with image id’s i […]

How i deleted your zomato account !

Hi friends 😀 , Zomato is an online restaurant search and discovery service providing information on home delivery, dining-out, cafés and nightlife for various cities of India and 21 other countries. It has 62.5 million registered users. I was catched by it so i was messing around with zomato now while checking out the settings […]

Cisco Meraki ajax based csrf

Hello friends 🙂 This is the writeup of my  Cisco Meraki findings  .I was just 😉 trying the different platform for a change  so i logged in  and was playing the game of request and resonse so after few back and forth of requests it was clear that’s its  an ajax based web app  now i […]