A series of API flaws in McDelivery India made it possible to order food for a penny, hijack other people’s delivery orders, view user information, and more.
Even better for your career is being an actual researcher with a good grasp on heap grooming, MAC circumvention instead of spreading FUD over something that can easily be detected with Burp.
Let me guess, you signed an NDA, and won’t tell anyone which brands had badly configured access control in their web apps?
Each red flag is okay, but all together is rather strange. It’s kinda classic to say that pajeets write shitty code.
Of course I’m not telling you my fucking clients. My career path requires a modicum of professionalism.
Good, because it’s not of interest.