Coordinated and Responsible Vulnerability Disclosure Free Bug Bounty Program 419,317 coordinated disclosures
228,070 fixed vulnerabilities
565 bug bounties with 1105 websites
11,327 researchers, 932 honor badges

Esss_ayy | Security Researcher Profile


Security researcher Esss_ayy has already helped fix 70 vulnerabilities.



Researcher reputation:  80

Real name:
Sajid Ali

About me:
Info Security researcher,bug hunter whose goal is to help and improve companies and organizations security through coordinated private disclosure programs.

How to contact me:
You people can message me on my twitter account, email me on below address.
[email protected]

Experience in Application Security
1-3 years

Award / Bug Bounty I prefer:
-> Bounty Payment (PayPal).
-> Public Recognition & thanks (Here).
-> Swag (T-shirt, stickers, cups).
-> Job Offer (Pentest or Vulnerability Assessment Project).
-> Vouchers (eg. Amazon )

Halls of Fame:
https://hackerone.com/sajid_ali/thanks
https://www.thehaguesecuritydelta.com/wall-of-fame-responsible-disclosure
https://support.teamhively.com/general-use/i-found-a-bug-what-should-i-do/

Follow me on:
Twitter

Recommendations and Acknowledgements

    6 June, 2019
     aapit David Spreekmeester from Grrr:
Thanks to Esss_ayy's sharp observations, we were made aware of a security issue and could patch it before it caused any troubles.
    9 May, 2019
     eagerlyinternet Sietse from Eagerly:
Thanks for helping us find and fix vulnerabilities on several websites.
    5 March, 2019
     ILT2010 David from Specco:
Thank you Esss_ayy for disclosing responsibly the XSS issue and the prompt professionally detailed info.
    21 January, 2019
     fparisot Fabrice PARISOT from Fab’s AutoBackup:
Thank you for telling me about that ugly XSS flaw :)
    7 December, 2018
     jcopley jcopley from Copley Internet Systems:
Sajid promptly helped me identify several vulnerabilities which have been patched. Thanks and well done!

Please login via Twitter to add a recommendation

Honor Badges


Number of Secured Websites

10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN
1000+ Websites

Advanced Security Research

WAF Bypasser
CSRF Master
30+ Reports
AppSec Logic Master
30+ Reports
Fastest Fix
Fix in 24 hours

Outstanding Achievements

Secured OBB
OBB Advocate
Improved OBB

Commitment to Remediate and Patch

Patch Master
55% Patched
Patch Guru
65% Patched
Patch Lord
75% Patched

Recommendations and Recognition

REPUTABLE
10+ Recommends
FAMOUS
25+ Recommends
GLOBALLY TRUSTED
50+ Recommends

Distinguished Blog Author

1 Post
3 Posts
5+ Posts

Research Statistics



Total reports:227
Total reports on VIP sites:22
Total patched vulnerabilities:70
Total vulnerabilities on Hold (Open Bug Bounty):16
Recommendations received:5
Active since:17.06.2018

Open Bug Bounty Certificate





No posts in blog yet


Reported Vulnerabilities

All Submissions VIP Submissions

Domain Reported Status Type
18.08.2019
On Hold
Cross Site Scripting
11.08.2019
On Hold
Improper Access Control 
11.08.2019
On Hold
Improper Access Control 
27.07.2019
On Hold
Cross Site Scripting
10.07.2019
On Hold
Improper Access Control 
10.07.2019
On Hold
Improper Access Control 
10.07.2019
On Hold
Improper Access Control 
10.07.2019
On Hold
Improper Access Control 
10.07.2019
On Hold
Improper Access Control 
10.07.2019
On Hold
Improper Access Control 
09.07.2019
On Hold
Improper Access Control 
07.07.2019
patched
Cross Site Scripting
05.07.2019
On Hold
Cross Site Scripting
04.07.2019
On Hold
Improper Access Control 
03.07.2019
patched
Cross Site Scripting
02.07.2019
patched
Cross Site Scripting
02.07.2019
patched
Cross Site Scripting
25.06.2019
On Hold
Improper Access Control 
05.06.2019
On Hold
Improper Access Control 
24.05.2019
On Hold
Improper Access Control 

  Latest Patched

 19.08.2019 schnittberichte.com
 19.08.2019 bolha.com
 19.08.2019 the42.ie
 14.08.2019 credit-agricole.fr
 14.08.2019 fab.mil.br
 14.08.2019 a1.net
 14.08.2019 unige.ch
 14.08.2019 wunderground.com
 13.08.2019 djjohal.net
 13.08.2019 biblegateway.com

  Latest Blog Posts

19.08.2019 by ismailtsdln
IBM - Cross site Scripting [XSS]
15.08.2019 by thevivekkryadav
HOW I WAS BYPASSED CLOUDFLARE WAF
13.08.2019 by Renzi25031469
XSSCon - XSS Tool @Kitploit
13.08.2019 by Cur1S3
I Found a multiple xss on https://clickmeeting.com
13.08.2019 by ZIKADS
xss at anghami.com

  Recent Recommendations

    19 August, 2019
     maxiorel:
Thanks for reporting the problem and the vulnerability details.
    15 August, 2019
     randomthing4ev1:
Thank you for finding XSS on one of our websites.
    15 August, 2019
     pavelmusil:
Thanks you for report about hidden vulnerabilities in my projects.
    14 August, 2019
     runlevelone:
Thank you for your great input!
    14 August, 2019
     convertunits:
Great job finding a vulnerability. I have fixed the issue now, thanks for your help!