Hacker News
- Hacking Facebook’s Legacy API, Part 2: Stealing User Sessions http://stephensclafani.com/2014/07/29/hacking-facebooks-legacy-api-part-2-stealing-user-sessions/ 8 comments
- Hacking Facebook’s Legacy API, Part 1: Making Calls on Behalf of Any User http://stephensclafani.com/2014/07/08/hacking-facebooks-legacy-api-part-1-making-calls-on-behalf-of-any-user 19 comments
- Hacking Facebook’s Legacy API, Part 1: Making Calls on Behalf of Any User http://stephensclafani.com/2014/07/08/hacking-facebooks-legacy-api-part-1-making-calls-on-behalf-of-any-user/ 2 comments
- Security Vulnerabilities in Heroku http://stephensclafani.com/2013/01/09/vulnerabilities-in-heroku/ 19 comments
- Hacking Facebook’s Corporate Network for Fun and Profit http://stephensclafani.com/2012/07/31/hacking-facebooks-corporate-network-for-fun-and-profit/ 7 comments
- Ruby on Rails: Secure Mass Assignment http://stephensclafani.com/2010/01/04/ruby-on-rails-secure-mass-assignment/ 15 comments
- Stealing Messenger.com Login Nonces https://stephensclafani.com/2017/03/21/stealing-messenger-com-login-nonces/ 6 comments netsec
- Hacking Facebook’s Legacy API, Part 1: Making Calls on Behalf of Any User http://stephensclafani.com/2014/07/08/hacking-facebooks-legacy-api-part-1-making-calls-on-behalf-of-any-user/ 42 comments netsec
- Obtaining The Primary Email Address Of Any Facebook User http://stephensclafani.com/2013/07/09/obtaining-the-primary-email-address-of-any-facebook-user/ 37 comments netsec
- Vulnerabilities in Heroku http://stephensclafani.com/2013/01/09/vulnerabilities-in-heroku/ 6 comments netsec