Report Email Alerts Open Bug Bounty: 121499 coordinated disclosures
Full Disclosure: 32443 vulnerabilities
Total Vulnerabilities Fixed: 39136
126925 vulnerable websites, 13180 VIP websites
3071 security researchers, 4044 notification subscribers

DrStache Top Security Researcher of the Month Top VIP Security Researcher of the Month | Security Researcher Profile

Security researcher DrStache has already helped fix 1353 vulnerabilities.

Follow me on:
Twitter

Real name:
Florian C.

About me:
French student in Networking and Telecommunications
Security enthusiast

How to contact me:
[email protected]

Contact me as soon as possible so we can work together to quickly protect your users.

Experience in Application Security:
1-3 years

Award / Bug Bounty I prefer:
A thanks/profile recommendation will be really appreciated and is enough, but if you'd like:
~ Bug Bounty (PayPal / BTC)
~ Hall of Fame
~ Swag (T-shirt, sticker..)

Halls of Fame:
hackerone.com/drstache
bugcrowd.com/DrStache

cert.europa.eu/cert/newsletter/en/latest_HallOfFame_.html
success.trendmicro.com/vulnerability-response
security.olx.com/security-hall-of-fame.html


Statistics and Awards



Approved XSS vulnerabilities:4711
Approved XSS vulnerabilities on VIP websites:235
Patched vulnerabilities:1353
Verified vulnerabilities on Hold (Open Bug Bounty):237
Active since:31.07.2016
Top Security Researcher Awards: Top Security Researcher of the Month Top Security Researcher of the Month Top Security Researcher of the Month
Top VIP Security Researcher Awards: Top VIP Security Researcher of the Month Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week

Recommendations and Acknowledgements

22 March, 2017
JKrycha Josef Krycha from Canon Europe Ltd.:

DrStache reported multiple vulnerabilities in Canon websites ranging form reflected XSS's, SQL injections to information disclosure. All findings were valid and the communication with him was quick and efficient. Thank you for your help and best of luck!

9 March, 2017
bugfort26 NB. from CDC:

Merci pour ces échanges, qui auront permis de remotiver nos fournisseurs!

3 March, 2017
JNRIBETTE JN.RIBETTE from Kosmos:

Merci pour la détection des failles et pour les informations permettant de les corriger !

23 February, 2017
RCnfpt RSSI from CNFPT:

Un grand merci à Dr Stache pour les informations transmises.
Cela nous a permis de réagir rapidement. Encore merci et bonne continuation.

23 February, 2017
NicoBiot Nico B from CNFPT:

Merci à DrStache pour la détection de la faille et sa réactivité

20 February, 2017
fmplaw Florent.F from MEN - AC CRETEIL:

Une grande compétence et une super communication. Merci Dr Stache !

10 February, 2017
Brit_Hotel Jean-Manuel from Brit Hotel:

Un grand merci pour votre réactivité et votre aide ! ;)

7 February, 2017
meteociel Meteociel from Meteociel:

Thanks for the report of many XSS vulnerabilities for the Meteociel.fr site. Quick & precise answers.

8 January, 2017
saitenforum Jens from Saitenforum:

DrStache was extremely helpful, responsive and knowledgeable in pointing me to the vulnerabilities on my websites. I can highly recommend him! Keep up the great work. Thanks a lot!

8 November, 2016
Winaskin Vador from Winaskin.com:

Thank you DrStache, with you, we patched our issue ;-)

Shows the first 10 recommendations. See all.

Please login via Twitter to add a recommendation


Reported Vulnerabilities

All Submissions VIP SubmissionsFeatured Submissions

Domain Reported Status Type
15.05.2017
On Hold
XSS  (Open Bug Bounty)
05.05.2017
On Hold
XSS  (Open Bug Bounty)
05.05.2017
On Hold
XSS  (Open Bug Bounty)
04.05.2017
On Hold
XSS  (Open Bug Bounty)
04.05.2017
On Hold
XSS  (Open Bug Bounty)
04.05.2017
On Hold
XSS  (Open Bug Bounty)
04.05.2017
patched
XSS  (Open Bug Bounty)
04.05.2017
On Hold
XSS  (Open Bug Bounty)
04.05.2017
On Hold
XSS  (Open Bug Bounty)
04.05.2017
On Hold
XSS  (Open Bug Bounty)
03.05.2017
On Hold
XSS  (Open Bug Bounty)
03.05.2017
On Hold
XSS  (Open Bug Bounty)
03.05.2017
On Hold
XSS  (Open Bug Bounty)
03.05.2017
patched
XSS  (Open Bug Bounty)
03.05.2017
patched
XSS  (Open Bug Bounty)
28.04.2017
On Hold
XSS  (Open Bug Bounty)
28.04.2017
On Hold
XSS  (Open Bug Bounty)
25.04.2017
On Hold
XSS  (Open Bug Bounty)
20.04.2017
On Hold
XSS  (Open Bug Bounty)
20.04.2017
On Hold
XSS  (Open Bug Bounty)

Latest VIP Submissions

freeimages.com
Reported by Random_Robbie Twitter: @Random_Robbie
Recommendations received: 17
Approved XSS vulnerabilities: 4992
Approved XSS vulnerabilities on VIP websites: 529
on 29.05.2017
housebeautiful.com
Reported by amlnspqr Twitter: @amlnspqr
Recommendations received: 6
Approved XSS vulnerabilities: 1587
Approved XSS vulnerabilities on VIP websites: 268
on 29.05.2017
facebook.com
Reported by evaristegal0is Twitter: @evaristegal0is
Recommendations received: 3
Approved XSS vulnerabilities: 152
Approved XSS vulnerabilities on VIP websites: 34
on 29.05.2017
ctgoodjobs.hk
Reported by revydol Approved XSS vulnerabilities: 197
Approved XSS vulnerabilities on VIP websites: 16
on 29.05.2017
gazzetta.it
Reported by evaristegal0is Twitter: @evaristegal0is
Recommendations received: 3
Approved XSS vulnerabilities: 152
Approved XSS vulnerabilities on VIP websites: 34
on 29.05.2017
hanfi1.rssing.com
Reported by rj01 Twitter: @RoyJansen_01
Recommendations received: 7
Approved XSS vulnerabilities: 1298
Approved XSS vulnerabilities on VIP websites: 286
on 29.05.2017
baiduyunpan.com
Reported by OmniGooch Recommendations received: 3
Approved XSS vulnerabilities: 3254
Approved XSS vulnerabilities on VIP websites: 197
on 29.05.2017
zyxel.com
Reported by revydol Approved XSS vulnerabilities: 197
Approved XSS vulnerabilities on VIP websites: 16
on 29.05.2017
goodav17.com
Reported by OmniGooch Recommendations received: 3
Approved XSS vulnerabilities: 3254
Approved XSS vulnerabilities on VIP websites: 197
on 28.05.2017
espnfc.com
Reported by OmniGooch Recommendations received: 3
Approved XSS vulnerabilities: 3254
Approved XSS vulnerabilities on VIP websites: 197
on 28.05.2017

Latest Submissions

libweb1.lib.buffalo.edu
Reported by Random_Robbie Twitter: @Random_Robbie
Recommendations received: 17
Approved XSS vulnerabilities: 4992
Approved XSS vulnerabilities on VIP websites: 529
on 29.05.2017
amphibiaweb.org
Reported by Random_Robbie Twitter: @Random_Robbie
Recommendations received: 17
Approved XSS vulnerabilities: 4992
Approved XSS vulnerabilities on VIP websites: 529
on 29.05.2017
images.mrskincash.com
Reported by Spam404 Twitter: @Spam404Online
Recommendations received: 62
Approved XSS vulnerabilities: 22631
Approved XSS vulnerabilities on VIP websites: 1567
on 29.05.2017
signups.digitalprocessor.com
Reported by Spam404 Twitter: @Spam404Online
Recommendations received: 62
Approved XSS vulnerabilities: 22631
Approved XSS vulnerabilities on VIP websites: 1567
on 29.05.2017
secure.nakednews.com
Reported by Spam404 Twitter: @Spam404Online
Recommendations received: 62
Approved XSS vulnerabilities: 22631
Approved XSS vulnerabilities on VIP websites: 1567
on 29.05.2017
cams.mrman.com
Reported by Spam404 Twitter: @Spam404Online
Recommendations received: 62
Approved XSS vulnerabilities: 22631
Approved XSS vulnerabilities on VIP websites: 1567
on 29.05.2017
elbedecken.de
Reported by secuninja Recommendations received: 7
Approved XSS vulnerabilities: 1231
Approved XSS vulnerabilities on VIP websites: 44
on 29.05.2017
tanzforumberlin.de
Reported by secuninja Recommendations received: 7
Approved XSS vulnerabilities: 1231
Approved XSS vulnerabilities on VIP websites: 44
on 29.05.2017
zitty.de
Reported by secuninja Recommendations received: 7
Approved XSS vulnerabilities: 1231
Approved XSS vulnerabilities on VIP websites: 44
on 29.05.2017
bat-yam.muni.il
Reported by login_denied Twitter: @login_denied
Approved XSS vulnerabilities: 161
Approved XSS vulnerabilities on VIP websites: 4
on 29.05.2017