Bypass Email Verification in MozillaHi, I’m Amr Kadry, a penetration tester and bug hunter, acknowledged by over 45 companies including Mozilla, CrowdStrike, Canva, Vimeo, and…Nov 21, 20244Nov 21, 20244
Account Takeover: How I Gained Access to Any User Account Through a Simple Registration FlawHi, I’m Amr Kadry, a penetration tester and bug hunter recognized by over 45 companies, including Mozilla, CrowdStrike, Canva, and Vimeo…Nov 14, 20248Nov 14, 20248
From an Out-of-Scope Bug to Unlocking Lifetime Premium Accounts in MozillaHi, I’m Amr Kadry, a penetration tester and bug hunter recognized by over 45 companies, including Mozilla, CrowdStrike, Canva, and Vimeo…Nov 7, 20247Nov 7, 20247
Unauthenticated IDOR in Employee Login Exposes PII to more than 100K Usersبِسْمِ اللَّـهِ الرَّحْمَـٰنِ الرَّحِيمِMay 25, 20246May 25, 20246
How I got JS Execution (DOM XSS) Via CSTIبِسْمِ اللَّـهِ الرَّحْمَـٰنِ الرَّحِيمِApr 15, 20243Apr 15, 20243