Skip to content

Instantly share code, notes, and snippets.

View LuizFelipeSantosPereira's full-sized avatar
💭
Learning 📚 👨‍💻

Luiz Felipe dos Santos Pereira LuizFelipeSantosPereira

💭
Learning 📚 👨‍💻
  • São João da Boa Vista, São Paulo, Brazil
  • 01:52 (UTC -12:00)
  • LinkedIn in/luizfspdev
View GitHub Profile
@hackermondev
hackermondev / zendesk.md
Last active January 16, 2025 21:02
1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies

hi, i'm daniel. i'm a 15-year-old with some programming experience and i do a little bug hunting in my free time. here's the insane story of how I found a single bug that affected over half of all Fortune 500 companies:

say hello to zendesk

If you've spent some time online, you’ve probably come across Zendesk.

Zendesk is a customer service tool used by some of the world’s top companies. It’s easy to set up: you link it to your company’s support email (like support@company.com), and Zendesk starts managing incoming emails and creating tickets. You can handle these tickets yourself or have a support team do it for you. Zendesk is a billion-dollar company, trusted by big names like Cloudflare.

Personally, I’ve always found it surprising that these massive companies, worth billions, rely on third-party tools like Zendesk instead of building their own in-house ticketing systems.

your weakest link