• 2020-08-15
  • 6 minutes

How to use Facebook for Open Redirect attacks

Some days ago I found an Open Redirect in Facebook website, that I promptly reported to their Bug Bounty Program. There were a lot of warnings that Open Redirect’s are usually false positives, but this one looked legit to me. Facebook disregarded the report, saying that wasn’t exploitable as there are protections in place against […]
Continue Reading
  • 2019-06-16
  • 11 minutes

How Antivirus works and bypass techniques – part 1

This time i’m not going to talk about a specific vulnerability. Instead I’m going to show how attackers disguise malware in order to bypass antivirus. Antivirus 101 To start, we need to understand how AV works.I’m just going to touch on the basics, but they should be enough to understand the logic behind all of […]
Continue Reading