Mohamed A. Baset (SymbianSyMoh)
Guru Programmer, IT Security Researcher & Bugs Bounty Hunter

Here is how a single misconfiguration issue discovered by Seekurity would jeopardize the user’s privacy if maliciously exploited, and hence hijack the user “access_token” from the Microsoft Office360 Facebook App.

Remember Cambridge Analytica and the Facebook data leak? It was via one of the Facebook applications that CA did to harvest the data of millions of American users. That being said, this discovered bug can be exploited on a large scale to target the users of this misconfigured Microsoft Office 365 Facebook App who gave access to it, to steal their access tokens.

Anyone got this awesome ROM working with Kali NetHunter? I mean the Metasploit PostgreSQL database specifically?

Another episode of the Business Logic Vulnerabilities series hitting the gigantic photo sharing social network Instagram by Ali Kabeel aka "The Logic Breaker". Happy reading!
I'm really so proud to have such a mindset and talent in our Seekurity Team. Enjoy reading our latest blog post from the rioter "Seif" about Bypassing Facebook’s Linkshim protection on iOS.
Both Seekurity.com SAS de C.V. & Sonarify got acknowledged by SimpleRisk – Open Source Risk Management System for discovering a reflected cross-site scripting vulnerability that affects the password reset form and can be exploited to hijack user password reset information and then perform any actions on their behalf. For the record, the issue was discovered by one of our upcoming products (Sonarify PTaaS), which uses some sort of AI and deep learning techniques in both Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) and which will be released soon for corporate use only, along with a free/community version.
Advisory links:
1- https://www.seekurity.com/blog/general/reflected-xss-vulnerability-in-simplerisk/
2- https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-10711
Seekurity SAS de C.V. got acknowledged by phpSocial/phpDolphin for discovering a critical reflected cross-site scripting vulnerability that affects their social network script and can be exploited to hijack a user account and perform any actions on their behalf.