REST-API Lover | Security Researcher | API Coder | Ambivert | GET /noob
The story I came across a note New: Videos in Comments! written by Bob Baldwin who works at Facebook. This note was about Facebook launching it's new feature of commenting using videos. eg. Now, users were allowed to upload a video in comments. When I saw this note, at that…
Description I was able to fool Facebook's Graph Search and bypass privacy restrictions and extract sensitive information about user's applications and pages. I was able to get applications used by any user, regardless of privacy settings set to Only Me and also I was able to get Pages liked by…
Description Dropbox offers two Api's ... Core Api (https://www.dropbox.com/developers/core) Business Api (https://www.dropbox.com/developers/business) Both the Api's have different permission models i.e different and distinct scope permissions are available for both the apis. I was testing the Core Api and I found…
Description The endpoint /me/links is undocumented. We cannot find documentation about how to deal with this endpoint. But combining few api calls we can create unpublished posts. More information about creating unpublished posts can be found here. It states that, "It is possible to add some content to the…
Description The endpoint /{videolist_id}/videos is undocumented. So, we cannot find any real documentation about this on developer's site. But still using analogy between other endpoints and this endpoint we can guess the working. Facebook recently released new features for pages. This was the one. Now, we can upload…