Researcher reputation:  1450

Real name:
TAHA SMILY

About me:
Our Democracy has been Hacked ! F**K society

How to contact me:
this is my email adresse : [email protected]

Alternative Contacts:
https://www.linkedin.com/in/taha-smily-195aa3145/

Experience in Application Security
3-5 years

Award / Bug Bounty I prefer:
I prefer :
- Rewards
- Benefits Gifts
- Swag
- Hall of Fame
- Acknowledgment
- PayPal Money


Anything that you wish to award me will motivate me to continue doing what I'm doing

Follow me on:
Twitter
LinkedIn

Recommendations and Acknowledgements

    8 April, 2020

     Hansaplastique Hans from www.weethet.nl:

I can highly recommend working with ELProfesor. He's knowledgable, very responsive and provides clear information and examples, which helped me resolved the issues.

    26 March, 2020

     KyleGeorgeArch Kyle Arch from Learning Pool:

Thank you ElProfesor for responsibly disclosing an XSS issue and providing the reproduction steps. With your help we've identified the issue and are working on a fix. Thank you for your hard work and responsible practices.

    10 March, 2020

     GColsoul Guy from Ineo:

Thank you for your vigilance. It helps us to improve continuously our systems. Very helpful.

    10 March, 2020

     RuncornLinnets Steve Pritchard from Runcorn Linnets FC:

Taha found a particularly tricky XSS problem on our site, and responsibly reported it to us so we could correct the issue. We thank him for his responsible disclosure and hard work bringing security flaws like this to our attention.

    9 March, 2020

     IT_Wolve Markus from Pepperl+Fuchs AG:

Thank you Taha for reporting and helping us finding these XSS issues on our website. We fixed it.

    16 February, 2020

     bigwavedave_ca DaveB from bwd:

Thank you Taha for finding and reporting the vulnerability on my website.

    3 February, 2020

     searacom Pedro Marques from Seara:

ElProfesor, thanks for reporting the XSS vuln, the quick reply and clear message that led us to the right correction. Great job!

    3 February, 2020

     vavideode Vavideo from Vavideo:

Thank you very much for making suggestions about security vulnerabilities!

    30 January, 2020

     SecuriteInfoCom Arnaud Jacques from Securiteinfo.com:

Thank you for your report. It is now fixed.

    29 January, 2020

     Travelmath John from Travelmath:

Great job finding a vulnerability that others missed. I have fixed the issue now, thanks for your help.

Shows the first 10 recommendations. See all.

Honor Badges

Number of Secured Websites

10+ Websites	50+ Websites	500+ Websites	WEB SECURITY VETERAN 1000+ Websites

Advanced Security Research

WAF Bypasser	CSRF Master 30+ Reports	AppSec Logic Master 30+ Reports	Fastest Fix Fix in 24 hours

Outstanding Achievements

Secured OBB	OBB Advocate	Improved OBB

Commitment to Remediate and Patch

Patch Master 55% Patched	Patch Guru 65% Patched	Patch Lord 75% Patched

Recommendations and Recognition

REPUTABLE 10+ Recommends	FAMOUS 25+ Recommends	GLOBALLY TRUSTED 50+ Recommends

Distinguished Blog Author

1 Post	3 Posts	5+ Posts

Research Statistics

Total reports:	9295
Total reports on VIP sites:	1846
Total patched vulnerabilities:	2501
Total vulnerabilities on Hold (Open Bug Bounty):	1350
Recommendations received:	97
Active since:	12.10.2017
Top VIP Security Researcher Awards:	Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week

Open Bug Bounty Certificate

27.11.2019  Reflected xss in 360totalsecurity

i have found vulnerability in 360totalsecurity ,is Reflected XSS in https://blog.360totalsecurity.com

Steps to reproduce :

Go to https://blog.360totalsecurity.com

and To : https://blog.360totalsecurity.com/en/safe-tips-for-wannacry-ransomware-attack/?utm_campaign=WannaCry_tips&utm_content=360.NSA.defense.tool&utm_medium=text_link&utm_source=Blog

and replace utm_source value by this XSS payload : x”><svG onLoad=prompt(document.domain)>

Line: <a href=”https://blog.360totalsecurity.com/en?utm_source=x"><svG onLoad=prompt(document.domain)>

Poc:

https://blog.360totalsecurity.com/en/safe-tips-for-wannacry-ransomware-attack/?utm_campaign=WannaCry_tips&utm_content=360.NSA.defense.tool&utm_medium=text_link&utm_source=x"><svG onLoad=prompt(document.domain)>

Regards,

TAHA

21.11.2019  blind xss in apple

This is my report about blind xss in apple via user agent