Report Email Alerts Open Bug Bounty: 111831 coordinated disclosures
Full Disclosure: 32415 vulnerabilities
Total Vulnerabilities Fixed: 37776
119699 vulnerable websites, 12892 VIP websites
2917 security researchers, 3934 notification subscribers

DrStache Top Security Researcher of the Month Top VIP Security Researcher of the Month | Security Researcher Profile

Security researcher DrStache has already helped fix 1342 vulnerabilities.

Follow me on:
Twitter

Real name:
Florian C.

About me:
French student in Networking and Telecommunications
Security enthusiast

How to contact me:
[email protected]

Contact me as soon as possible so we can work together to quickly protect your users.

Experience in Application Security:
1-3 years

Award / Bug Bounty I prefer:
A thanks/profile recommendation will be really appreciated and is enough, but if you'd like:
~ Bug Bounty (PayPal / BTC)
~ Hall of Fame
~ Swag (T-shirt, sticker..)

Halls of Fame:
https://hackerone.com/drstache
https://bugcrowd.com/DrStache


Statistics and Awards

Approved XSS vulnerabilities:4696
Approved XSS vulnerabilities on VIP websites:232
Patched vulnerabilities:1352
Verified vulnerabilities on Hold (Open Bug Bounty):1169
Active since:31.07.2016
Top Security Researcher Awards: Top Security Researcher of the Month Top Security Researcher of the Month Top Security Researcher of the Month
Top VIP Security Researcher Awards: Top VIP Security Researcher of the Month Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week

Recommendations and Acknowledgements

22 March, 2017
JKrycha Josef Krycha from Canon Europe Ltd.:

DrStache reported multiple vulnerabilities in Canon websites ranging form reflected XSS's, SQL injections to information disclosure. All findings were valid and the communication with him was quick and efficient. Thank you for your help and best of luck!

9 March, 2017
bugfort26 NB. from CDC:

Merci pour ces échanges, qui auront permis de remotiver nos fournisseurs!

3 March, 2017
JNRIBETTE JN.RIBETTE from Kosmos:

Merci pour la détection des failles et pour les informations permettant de les corriger !

23 February, 2017
RCnfpt RSSI from CNFPT:

Un grand merci à Dr Stache pour les informations transmises.
Cela nous a permis de réagir rapidement. Encore merci et bonne continuation.

23 February, 2017
NicoBiot Nico B from CNFPT:

Merci à DrStache pour la détection de la faille et sa réactivité

20 February, 2017
fmplaw Florent.F from MEN - AC CRETEIL:

Une grande compétence et une super communication. Merci Dr Stache !

10 February, 2017
Brit_Hotel Jean-Manuel from Brit Hotel:

Un grand merci pour votre réactivité et votre aide ! ;)

7 February, 2017
meteociel Meteociel from Meteociel:

Thanks for the report of many XSS vulnerabilities for the Meteociel.fr site. Quick & precise answers.

8 January, 2017
saitenforum Jens from Saitenforum:

DrStache was extremely helpful, responsive and knowledgeable in pointing me to the vulnerabilities on my websites. I can highly recommend him! Keep up the great work. Thanks a lot!

8 November, 2016
Winaskin Vador from Winaskin.com:

Thank you DrStache, with you, we patched our issue ;-)

Shows the first 10 recommendations. See all.

Please login via Twitter to add a recommendation


Reported Vulnerabilities

All Submissions VIP SubmissionsFeatured Submissions

Domain Reported Status Type
20.04.2017
On Hold
XSS  (Open Bug Bounty)
20.04.2017
On Hold
XSS  (Open Bug Bounty)
20.04.2017
On Hold
XSS  (Open Bug Bounty)
20.04.2017
On Hold
XSS  (Open Bug Bounty)
20.04.2017
On Hold
XSS  (Open Bug Bounty)
19.04.2017
On Hold
XSS  (Open Bug Bounty)
17.04.2017
On Hold
XSS  (Open Bug Bounty)
14.04.2017
On Hold
XSS  (Open Bug Bounty)
14.04.2017
On Hold
XSS  (Open Bug Bounty)
13.04.2017
patched
XSS  (Open Bug Bounty)
13.04.2017
On Hold
XSS  (Open Bug Bounty)
13.04.2017
On Hold
XSS  (Open Bug Bounty)
13.04.2017
On Hold
XSS  (Open Bug Bounty)
12.04.2017
On Hold
XSS  (Open Bug Bounty)
11.04.2017
On Hold
XSS  (Open Bug Bounty)
11.04.2017
On Hold
XSS  (Open Bug Bounty)
11.04.2017
patched
XSS  (Open Bug Bounty)
11.04.2017
On Hold
XSS  (Open Bug Bounty)
10.04.2017
On Hold
XSS  (Open Bug Bounty)
10.04.2017
On Hold
XSS  (Open Bug Bounty)

Latest VIP Submissions

bape.com
Reported by Cosmoo Approved XSS vulnerabilities: 7
Approved XSS vulnerabilities on VIP websites: 1
on 24.04.2017
besteveralbums.com
Reported by rj01 Twitter: @RoyJansen_01
Recommendations received: 5
Approved XSS vulnerabilities: 1053
Approved XSS vulnerabilities on VIP websites: 157
on 24.04.2017
technodom.kz
Reported by Random_Robbie Twitter: @Random_Robbie
Recommendations received: 11
Approved XSS vulnerabilities: 2960
Approved XSS vulnerabilities on VIP websites: 262
on 24.04.2017
knust.edu.gh
Reported by TestimeOO7 Approved XSS vulnerabilities: 66
Approved XSS vulnerabilities on VIP websites: 21
on 24.04.2017
eku.edu
Reported by Alyssa_Herrera Twitter: @_Psycho_Mantis
Approved XSS vulnerabilities: 1532
Approved XSS vulnerabilities on VIP websites: 445
on 24.04.2017
futuremark.com
Reported by Alyssa_Herrera Twitter: @_Psycho_Mantis
Approved XSS vulnerabilities: 1532
Approved XSS vulnerabilities on VIP websites: 445
on 24.04.2017
yogajournal.com
Reported by OmniGooch Recommendations received: 3
Approved XSS vulnerabilities: 2818
Approved XSS vulnerabilities on VIP websites: 165
on 24.04.2017
thetimenow.com
Reported by Random_Robbie Twitter: @Random_Robbie
Recommendations received: 11
Approved XSS vulnerabilities: 2960
Approved XSS vulnerabilities on VIP websites: 262
on 23.04.2017
ultimate-guitar.com
Reported by Random_Robbie Twitter: @Random_Robbie
Recommendations received: 11
Approved XSS vulnerabilities: 2960
Approved XSS vulnerabilities on VIP websites: 262
on 23.04.2017
marriott.com
Reported by Random_Robbie Twitter: @Random_Robbie
Recommendations received: 11
Approved XSS vulnerabilities: 2960
Approved XSS vulnerabilities on VIP websites: 262
on 23.04.2017

Latest Submissions

servana.de
Reported by badmaxx Twitter: @_badmaxx_
Recommendations received: 1
Approved XSS vulnerabilities: 800
Approved XSS vulnerabilities on VIP websites: 35
on 24.04.2017
atlanticfirearms.com
Reported by jimcola99 Approved XSS vulnerabilities: 76
Approved XSS vulnerabilities on VIP websites: 15
on 24.04.2017
list-org.com
Reported by Disst Recommendations received: 2
Approved XSS vulnerabilities: 505
Approved XSS vulnerabilities on VIP websites: 54
on 24.04.2017
pakpips.com
Reported by xmenik Approved XSS vulnerabilities: 115
Approved XSS vulnerabilities on VIP websites: 8
on 24.04.2017
dailypakistan.pk
Reported by xmenik Approved XSS vulnerabilities: 115
Approved XSS vulnerabilities on VIP websites: 8
on 24.04.2017
thinkshoes.com
Reported by secuninja Recommendations received: 4
Approved XSS vulnerabilities: 493
Approved XSS vulnerabilities on VIP websites: 21
on 24.04.2017
metallerie.pmg.nl
Reported by SnazzySanoj Twitter: @snazzysanoj
Approved XSS vulnerabilities: 14
Approved XSS vulnerabilities on VIP websites: 3
on 24.04.2017
eventbranche.nl
Reported by rj01 Twitter: @RoyJansen_01
Recommendations received: 5
Approved XSS vulnerabilities: 1053
Approved XSS vulnerabilities on VIP websites: 157
on 24.04.2017
stiga.de
Reported by secuninja Recommendations received: 4
Approved XSS vulnerabilities: 493
Approved XSS vulnerabilities on VIP websites: 21
on 24.04.2017
m.delangemakelaars.nl
Reported by rj01 Twitter: @RoyJansen_01
Recommendations received: 5
Approved XSS vulnerabilities: 1053
Approved XSS vulnerabilities on VIP websites: 157
on 24.04.2017