A missing ssl pinning in one of the endpoints exposed the internal auth token for the app and allows the attacker to perform many actions
JobToday is a website to find blue collar jobs easily using features like location based search of candidates and in app chat. We will exploit this location feature to get the exact coordinates of an arbitrary user.
While working in Barcelona for a travel company I set myself to explore how feasible was to make that work.
While on highschool I developed a system to remotely control other students computers