Takeover A Facebook, SnapChat or JetBrains Account

Multiple account takeover vulnerabilities in this episode with three cross-origin communication vulnerabilities in Facebook, an odd OTP endpoint in SnapChat and an open redirect in JetBrains leaking your JWT.
 

From CTFs to Real-Exploitation (Part 3)

Final part of our series on going from the foundations of exploitation development to real-world exploitation. Focusing on the critical skill of discovering and developing your own exploitation strategies in large applications.
 
1
2
3
4
5
6
7
8
9
10