| user: | franjkovic |
| created: | October 20, 2013 |
| karma: | 1.1k |
| about: | [ my public key: https://keybase.io/josipfranjkovic; my proof: https://keybase.io/josipfranjkovic/sigs/4EYnl7a6Vko4DGKQFypdzXwAxT-YnFN8DEc5X34RttQ ] My security blog: https://www.josipfranjkovic.com |
| 1. | Getting any Facebook user's friend list and partial payment card details(josipfranjkovic.com) |
| 2. | Taking over Facebook accounts using Free Basics partner portal(josipfranjkovic.com) |
| 3. | 8 years ago | discuss |
| 4. | Hacking Facebook accounts using CSRF in Oculus-Facebook integration(josipfranjkovic.com) |
| 5. | 8 years ago | discuss |
| 6. | Stealing Facebook access_tokens using CSRF in device login flow(josipfranjkovic.com) |
| 7. | 9 years ago | discuss |
| 8. | 9 years ago | discuss |
| 9. | 10 years ago | discuss |
| 10. | The easiest bug bounties I have won(josipfranjkovic.blogspot.com) |
| 11. | 10 years ago | discuss |
| 12. | 10 years ago | discuss |
| 13. | 10 years ago | discuss |
| 14. | Race conditions on Facebook, DigitalOcean and others (fixed)(josipfranjkovic.blogspot.com) |
| 15. | 11 years ago | discuss |
| 16. | Reading local files from Facebook's server (fixed)(josipfranjkovic.blogspot.com) |