X-Scanner By The WMA team

X-Scanner is a point'n'shoot web scanner used for fast preliminary tests prior to serious penetration testing. 
This tool works on Windows/.NET platform and on Linux/Mono.

Key Features:
[+] 1. Get Server Info
[+] 2. Check For HttpOnly Flag
[+] 3. Check For XFrame-Options
[+] 4. Check For X-XSS-Protection
[+] 5. Check For X-Content-Type options
[+] 6. Check For SSL/TLS Security
[+] 7. Check For Content Secret Policey
[+] 8. Check For Access Control flaws
[+] 9. Check For X-Download Options
[+] 10. Check For Cache Control Options
[+] 11. Blazing fast TCP Port Scanner and OS Fingerprinting.
[+] 12. One of the fastest WhoIs queries in the market.
Provided here is an example report of the tool.
As you *might* have seen, the scan finished in just 10s.
Contact to alihasanghauri5@gmail.com for details and getting a copy.

FB: https://www.facebook.com/alihassanghori5

The WMA team.

Facebook Mark Zuckerberg Password Reset Bug - Not exploitable

12:23 Posted by Ali Hassan Ghori ,
I was looking for a bug in forgot password facebook.

I was send reset password link to my email account through facebook. Open the link and change my id with Mark Zukerberg's Id to 4.

Mark Zukerberg's Id

I was thought that I have fount something. but its not I've tried this bug using my own accounts (Not Mark Zuckerberg :) and it doesn't allow me to set a new password. The "n" parameter is tied to the "u" parameter. Instead of using Mark Zuckerberg's account

Video POC: