Report Email Alerts Open Bug Bounty: 136,566 coordinated disclosures
Full Disclosure: 32,608 vulnerabilities
Total Vulnerabilities Fixed: 41,461
138,961 vulnerable websites, 14,988 VIP websites
3,348 security researchers, 4,381 notification subscribers

DrStache Top Security Researcher of the Month Top VIP Security Researcher of the Month | Security Researcher Profile

Security researcher DrStache has already helped fix 845 vulnerabilities.

Follow me on:
Twitter

Real name:
Florian Charbonneau

About me:
French student in Networking and Telecommunications
Security enthusiast

How to contact me:
[email protected]

Contact me as soon as possible so we can work together to quickly protect your users.

Experience in Application Security:
1-3 years

Award / Bug Bounty I prefer:
A thanks/profile recommendation will be really appreciated and is enough, but if you'd like:
~ Bug Bounty (PayPal / BTC)
~ Hall of Fame
~ Swag (T-shirt, sticker..)

Halls of Fame:
hackerone.com/drstache
bugcrowd.com/DrStache

cert.europa.eu/cert/newsletter/en/latest_HallOfFame_.html
success.trendmicro.com/vulnerability-response
security.olx.com/security-hall-of-fame.html


Research Statistics



OpenBugBounty CertificateDownload
Approved XSS vulnerabilities:4211
Approved XSS vulnerabilities on VIP websites:205
Patched vulnerabilities:845
Verified vulnerabilities on Hold (Open Bug Bounty):29
Active since:31.07.2016
Top Security Researcher Awards: Top Security Researcher of the Month Top Security Researcher of the Month Top Security Researcher of the Month
Top VIP Security Researcher Awards: Top VIP Security Researcher of the Month Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week

Awards and Achievements

Advanced Research and Outstanding Achievements

WAF Bypasser
Secured OBB
Bug Bounty Lord
Coordinated Disclosure
Fastest Fix
Fix in 24 hours

Number of Secured Websites

10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN
1000+ Websites

Commitment to Responsible Disclosure

Patch Master
70% Patched
Patch Guru
80% Patched
Patch Lord
90% Patched

Recommendations and Recognition

REPUTABLE
30+ Recommends
FAMOUS
50+ Recommends
GLOBALLY TRUSTED
100+ Recommends

CSRF Craftsmanship

CSRF Pro
10+ Reports
CSRF Master
50+ Reports
CSRF Guru
100+ Reports

Application Logic Craftsmanship

AppSec Logic Pro
10+ Reports
AppSec Logic Master
50+ Reports
AppSec Logic Guru
100+ Reports

VIP Submissions

MADE WEB SAFER
250+ VIPs
SECURITY EVANGELIST
500+ VIPs

Quantity of Reports

10+ Reports
50+ Reports
500+ Reports
CYBERLORD
1000+ Reports

Recommendations and Acknowledgements

19 July, 2017
SimonFonteneau Simon Fonteneau from Lesfourmisduweb:

Merci a Drstache pour son signalement ! J'ai pu corriger a rapidement !

19 July, 2017
SMintrav SMINTRAV from MINTRAV:

Thank you DrStache, with you, we patched our issue you was extremely helpful, responsive and knowledgeable in pointing us to the Xss vulnerabilities on our websites !

22 March, 2017
JKrycha Josef Krycha from Canon Europe Ltd.:

DrStache reported multiple vulnerabilities in Canon websites ranging form reflected XSS's, SQL injections to information disclosure. All findings were valid and the communication with him was quick and efficient. Thank you for your help and best of luck!

9 March, 2017
bugfort26 NB. from CDC:

Merci pour ces échanges, qui auront permis de remotiver nos fournisseurs!

3 March, 2017
JNRIBETTE JN.RIBETTE from Kosmos:

Merci pour la détection des failles et pour les informations permettant de les corriger !

23 February, 2017
RCnfpt RSSI from CNFPT:

Un grand merci à Dr Stache pour les informations transmises.
Cela nous a permis de réagir rapidement. Encore merci et bonne continuation.

23 February, 2017
NicoBiot Nico B from CNFPT:

Merci à DrStache pour la détection de la faille et sa réactivité

20 February, 2017
fmplaw Florent.F from MEN - AC CRETEIL:

Une grande compétence et une super communication. Merci Dr Stache !

10 February, 2017
Brit_Hotel Jean-Manuel from Brit Hotel:

Un grand merci pour votre réactivité et votre aide ! ;)

7 February, 2017
meteociel Meteociel from Meteociel:

Thanks for the report of many XSS vulnerabilities for the Meteociel.fr site. Quick & precise answers.

Shows the first 10 recommendations. See all.

Please login via Twitter to add a recommendation


Reported Vulnerabilities

All Submissions VIP SubmissionsFeatured Submissions

Domain Reported Status Type
13.07.2017
On Hold
XSS  (Open Bug Bounty)
05.07.2017
patched
XSS  (Open Bug Bounty)
05.07.2017
On Hold
XSS  (Open Bug Bounty)
05.07.2017
On Hold
XSS  (Open Bug Bounty)
05.07.2017
On Hold
XSS  (Open Bug Bounty)
05.07.2017
On Hold
XSS  (Open Bug Bounty)
04.07.2017
On Hold
XSS  (Open Bug Bounty)
27.06.2017
On Hold
XSS  (Open Bug Bounty)
27.06.2017
On Hold
XSS  (Open Bug Bounty)
27.06.2017
On Hold
XSS  (Open Bug Bounty)
27.06.2017
On Hold
XSS  (Open Bug Bounty)
26.06.2017
On Hold
XSS  (Open Bug Bounty)
23.06.2017
On Hold
XSS  (Open Bug Bounty)
23.06.2017
patched
XSS  (Open Bug Bounty)
16.06.2017
On Hold
XSS  (Open Bug Bounty)
15.06.2017
patched
XSS  (Open Bug Bounty)
12.06.2017
On Hold
XSS  (Open Bug Bounty)
09.06.2017
patched
XSS  (Open Bug Bounty)
09.06.2017
patched
XSS  (Open Bug Bounty)
09.06.2017
patched
XSS  (Open Bug Bounty)


LATEST VIP SUBMISSIONS

epaper.udayavani.com
Reported by m0ns7er Twitter: @AkashLabde3
Badges received: 2
Approved XSS vulnerabilities: 213
Approved XSS vulnerabilities on VIP websites: 20
on 22.07.2017
rhs.org.uk
Reported by OmniGooch Badges received: 9
Recommendations received: 3
Approved XSS vulnerabilities: 4034
Approved XSS vulnerabilities on VIP websites: 334
on 22.07.2017
74.ru
Reported by OmniGooch Badges received: 9
Recommendations received: 3
Approved XSS vulnerabilities: 4034
Approved XSS vulnerabilities on VIP websites: 334
on 22.07.2017
vizer.tv
Reported by MiguelSantareno Badges received: 4
Recommendations received: 4
Approved XSS vulnerabilities: 304
Approved XSS vulnerabilities on VIP websites: 59
on 22.07.2017
spareroom.co.uk
Reported by eb Badges received: 6
Recommendations received: 11
Approved XSS vulnerabilities: 734
Approved XSS vulnerabilities on VIP websites: 30
on 22.07.2017
01net.com
Reported by eb Badges received: 6
Recommendations received: 11
Approved XSS vulnerabilities: 734
Approved XSS vulnerabilities on VIP websites: 30
on 22.07.2017
itu.int
Reported by eb Badges received: 6
Recommendations received: 11
Approved XSS vulnerabilities: 734
Approved XSS vulnerabilities on VIP websites: 30
on 22.07.2017
uabc.mx
Reported by RootByte Twitter: @RootByteMX
Badges received: 6
Approved XSS vulnerabilities: 592
Approved XSS vulnerabilities on VIP websites: 61
on 22.07.2017
trademarkia.com
Reported by LewisWildgoose Badges received: 3
Recommendations received: 1
Approved XSS vulnerabilities: 220
Approved XSS vulnerabilities on VIP websites: 62
on 21.07.2017
mensfitness.com
Reported by npuser500 Badges received: 9
Recommendations received: 9
Approved XSS vulnerabilities: 1492
Approved XSS vulnerabilities on VIP websites: 241
on 21.07.2017



LATEST SUBMISSIONS

sportstimes.co.in
Reported by m0ns7er Twitter: @AkashLabde3
Badges received: 2
Approved XSS vulnerabilities: 213
Approved XSS vulnerabilities on VIP websites: 20
on 22.07.2017
nspa.in
Reported by m0ns7er Twitter: @AkashLabde3
Badges received: 2
Approved XSS vulnerabilities: 213
Approved XSS vulnerabilities on VIP websites: 20
on 22.07.2017
iam.3ds.com
Reported by ShivprasadSambhare Twitter: @shivprasads22
Badges received: 6
Recommendations received: 2
Approved XSS vulnerabilities: 648
Approved XSS vulnerabilities on VIP websites: 77
on 22.07.2017
crp.mindtree.com
Reported by ShivprasadSambhare Twitter: @shivprasads22
Badges received: 6
Recommendations received: 2
Approved XSS vulnerabilities: 648
Approved XSS vulnerabilities on VIP websites: 77
on 22.07.2017
multiplan.com.br
Reported by OmniGooch Badges received: 9
Recommendations received: 3
Approved XSS vulnerabilities: 4034
Approved XSS vulnerabilities on VIP websites: 334
on 22.07.2017
main-gauche.com
Reported by OmniGooch Badges received: 9
Recommendations received: 3
Approved XSS vulnerabilities: 4034
Approved XSS vulnerabilities on VIP websites: 334
on 22.07.2017
epaper.kaieteurnewsonline.com
Reported by npuser500 Badges received: 9
Recommendations received: 9
Approved XSS vulnerabilities: 1492
Approved XSS vulnerabilities on VIP websites: 241
on 22.07.2017
epaper.enavabharat.com
Reported by npuser500 Badges received: 9
Recommendations received: 9
Approved XSS vulnerabilities: 1492
Approved XSS vulnerabilities on VIP websites: 241
on 22.07.2017
epaper.amarujala.com
Reported by npuser500 Badges received: 9
Recommendations received: 9
Approved XSS vulnerabilities: 1492
Approved XSS vulnerabilities on VIP websites: 241
on 22.07.2017
wap.tim.com.br
Reported by npuser500 Badges received: 9
Recommendations received: 9
Approved XSS vulnerabilities: 1492
Approved XSS vulnerabilities on VIP websites: 241
on 22.07.2017