Mar 18, 2022
Setup Android App Pen-testing environment on Mac-book M1
Hey folks, I hope anyone who is reading this blog post is doing great. A month ago I just switched from a Mac-book Intel to the M1 chip and I actually bought two M1 machines. I had to pen-test an Android application and M1 machines don’t support VirtualBox or Genymotion. I…
4 min read

Published in InfoSec Write-ups · Nov 17, 2017
Account Take Over Vulnerability in Google acquisition [Famebit]
Greetings, I am Hassan Khan Yusufzai and today I will share my recent finding in a Google acquisition, which is “Famebit”. I was able to take over a victim's account by bypassing the CSRF protection in the email change functionality. What is Cross site scripting forgery? “Cross-Site Request Forgery (CSRF) is an attack…
Security · 3 min read

Published in InfoSec Write-ups · Sep 25, 2017
Device Authorization Bypass!
Hello everyone, this is Hassan Khan Yusufzai and I would like to share one of my findings. So it's about 2 months ago when I got a private invite on BugCrowd. For the sake of the private program's privacy let's call it “Private.com”. So, when I was pen-testing that application I first…
Cybersecurity · 3 min read

Sep 22, 2017
A Story of payment gateway bypass in Rozee.pk
Companies do not pay attention to online systems; they sometimes don’t even know that their services are being compromised by hackers and that hackers are enjoying the fruit on the back end. This is the most common threat nowadays and it can become a nightmare for a company. Myself, M.Hassan…
Security · 3 min read