~ I offers security consulting services within the space of Penetration Testing , Ethical Hacking , Vulnerability Assessments and Security Code and Configuration Reviews ~!

X-Scanner By The WMA team

X-Scanner is a point'n'shoot web scanner used for fast preliminary tests prior to serious penetration testing. 
This tool works on Windows/.NET platform and on Linux/Mono.







Key Features:
[+] 1. Get Server Info
[+] 2. Check For HttpOnly Flag
[+] 3. Check For XFrame-Options
[+] 4. Check For X-XSS-Protection
[+] 5. Check For X-Content-Type options
[+] 6. Check For SSL/TLS Security
[+] 7. Check For Content Secret Policey
[+] 8. Check For Access Control flaws
[+] 9. Check For X-Download Options
[+] 10. Check For Cache Control Options
[+] 11. Blazing fast TCP Port Scanner and OS Fingerprinting.
[+] 12. One of the fastest WhoIs queries in the market.
Provided here is an example report of the tool.
http://pastebin.com/uu1GcLai
As you *might* have seen, the scan finished in just 10s.
Price:50$
Contact to alihasanghauri5@gmail.com for details and getting a copy.

FB: https://www.facebook.com/alihassanghori5

Thanks.
The WMA team.



READ FULL POST

Facebook Mark Zuckerberg Password Reset Bug - Not exploitable

I was looking for a bug in forgot password facebook.

I was send reset password link to my email account through facebook. Open the link and change my id with Mark Zukerberg's Id to 4.





Mark Zukerberg's Id
http://graph.facebook.com/4



I was thought that I have fount something. but its not I've tried this bug using my own accounts (Not Mark Zuckerberg :) and it doesn't allow me to set a new password. The "n" parameter is tied to the "u" parameter. Instead of using Mark Zuckerberg's account



Video POC:


READ FULL POST