Hacker News new | past | comments | ask | show | jobs | submit | from login

Stealing Messenger.com Login Nonces (stephensclafani.com) 2 points by chatmasta on March 23, 2017 | past Stealing Messenger.com Login Nonces (stephensclafani.com) 3 points by zdw on March 22, 2017 | past Stealing Messenger.com Login Nonces (stephensclafani.com) 6 points by ssclafani on March 21, 2017 | past Hacking Facebook’s Legacy API, Part 2: Stealing User Sessions (stephensclafani.com) 31 points by ssclafani on July 29, 2014 | past | 8 comments Hacking Facebook’s Legacy API, Part 1: Making Calls on Behalf of Any User (stephensclafani.com) 163 points by ssclafani on July 8, 2014 | past | 19 comments Hacking Facebook’s Legacy API, Part 1: Making Calls on Behalf of Any User (stephensclafani.com) 15 points by ssclafani on July 8, 2014 | past | 2 comments Shared Reality (stephensclafani.com) 1 point by ssclafani on March 26, 2014 | past It was possible to obtain the primary email address of any Facebook user (stephensclafani.com) 5 points by ssclafani on July 9, 2013 | past Sclafani: Vulnerabilities in Heroku (stephensclafani.com) 1 point by mazsa on Jan 9, 2013 | past Security Vulnerabilities in Heroku (stephensclafani.com) 64 points by ssclafani on Jan 9, 2013 | past | 19 comments Hacking Facebook’s Corporate Network for Fun and Profit (stephensclafani.com) 38 points by ssclafani on July 31, 2012 | past | 7 comments A Browser Parsing Quirk and a #NewTwitter XSS (stephensclafani.com) 2 points by ssclafani on Oct 4, 2010 | past Ruby on Rails: Secure Mass Assignment (stephensclafani.com) 24 points by ssclafani on Jan 4, 2010 | past | 15 comments

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact Search: