Navigate back to the homepage

Anand Prakash

The CEO/Founder of AppSecure, Forbes 30 under 30 - 2017, Bug Bounty Hunter, Ex-Flipkart

Link to $ to $ to $

How I could have hacked your Uber account

This post is about an account takeover vulnerability on Uber which allowed attackers to takeover any other user’s Uber account (including riders, partners, eats) accounts by supplying user uuid in the API request and using the leaked token in the API response to hijack accounts.

September 12th, 2019 · 2 min read

How we hacked Tinder accounts using Facebook’s Account Kit and earned $6,250 in bounties

The vulnerabilities mentioned in this blog post were plugged quickly by the engineering teams of Facebook and Tinder.

February 20th, 2018 · 2 min read
© 2020 AppSecure