
IAMMUSTAFA | Security Researcher Profile


Security researcher IAMMUSTAFA has already helped fix 272 vulnerabilities.



Researcher reputation:  610

Real name:
Mohd Mustafa Choudhary

About me:
I am a Security consultant who provides consultancy for information security-related domain.

How to contact me:
[email protected]

Certifications & Diplomas:
CEH
ECSA
Offensive Security
ISO 27001:2013 LA
CISA

Experience in Application Security
over 5 years

Award / Bug Bounty I prefer:
Paypal, Amazon gift card, Swag, Gifs.. or thanks :)

Prefer Bug Bounty Payment:

paypal: [email protected]

Recommendations and Acknowledgements

    7 August, 2019
     westcacom Edwin from WESTCA.COM:
Thanks for reporting the XSS vulnerability on our website. We have fixed it now.
    3 August, 2019
     NewLineHorizon1 Melisa from NewLineHorizon:
Dear,

Thanks for participating in responsible disclosure program.
The reports you submitted were extremely helpful to our team and provided us the details we needed to resolve the issues that you identified.
We are deeply committed to provide a safe and secure experience to our users and are therefore grateful for your efforts to help us improve our services.

Best Regards!
    27 November, 2019
     BretPaul7 Paul :
Thanks for helping me out regarding report submission. Really Appreciated.
    27 November, 2019
     carlton42802879 Carlton from [email protected]:
Your report helped us to patch XSS issue on our website. Thank you :)
    27 November, 2019
     AlbertNyke Albert Nyke from Sitel:
Thanks for the XSS report. We have patched the issue. Thanks a lot for alerting us.
    27 November, 2019
     fadi01665991 Fadi Lyan from Knive Corp:
Thanks for reporting the XSS vulnerability on our website. Your detailed report helped us to patch the issue. Many thanks.
    27 November, 2019
     DcostaSami Sami Dcosta from Lala Club:
Thank you for reporting the vulnerability on our website. We have patched the issue, please check... :)
    25 November, 2019
     LBryat Lyan from 4xmail:
Thanks for kind alert regarding XSS. We have fixed the issue. Thanks again:)
    14 November, 2019
     pofope1 pofope from ymail365:
Thanks for your report. Please check we have patched it. :)
    11 November, 2019
     AmalAyaat Amal Ayaat from Smart-Choice LLC:
Thanks for reporting critical vulnerability on one of our sub-domains. We have patched it. Thanks:)


Honor Badges


Number of Secured Websites

10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN
1000+ Websites

Advanced Security Research

WAF Bypasser
CSRF Master
30+ Reports
AppSec Logic Master
30+ Reports
Fastest Fix
Fix in 24 hours

Outstanding Achievements

Secured OBB
OBB Advocate
Improved OBB

Commitment to Remediate and Patch

Patch Master
55% Patched
Patch Guru
65% Patched
Patch Lord
75% Patched

Recommendations and Recognition

REPUTABLE
10+ Recommends
FAMOUS
25+ Recommends
GLOBALLY TRUSTED
50+ Recommends

Distinguished Blog Author

1 Post
3 Posts
5+ Posts

Research Statistics



Total reports: 1129
Total reports on VIP sites: 256
Total patched vulnerabilities: 272
Total vulnerabilities on Hold (Open Bug Bounty): 990
Recommendations received: 33
Active since: 14.07.2019
Top VIP Security Researcher Awards: Top VIP Security Researcher of the Week, Top VIP Security Researcher of the Week, Top VIP Security Researcher of the Week


30.11.2019  How to hack an app: 8 best practices for pen testing mobile apps

Mobile applications are here to stay. They've become an essential part of our lives as our dependence on our smartphones has grown. But when it comes to security, users are like sitting ducks. Surveys in a recent study on the state of application security say that "84 percent of mobile app users ... believe that their mobile health and finance apps are adequately secure."

Truth is, security can be a false perception if we do not know how our applications were developed and penetration tested. The reality is that downloading and using these applications can represent a potential risk to both you and your organization, given that untested apps may contain security bugs that can make your data vulnerable. Unfortunately, the majority of mobile and health applications contain serious security vulnerabilities. 


Reported Vulnerabilities


Domain Reported Status Type
07.12.2019  On Hold  Cross Site Scripting
04.12.2019  On Hold  Cross Site Scripting
04.12.2019  On Hold  Cross Site Scripting
04.12.2019  On Hold  Cross Site Scripting
04.12.2019  On Hold  Cross Site Scripting
04.12.2019  On Hold  Cross Site Scripting
04.12.2019  On Hold  Cross Site Scripting
03.12.2019  On Hold  Cross Site Scripting
03.12.2019  On Hold  Cross Site Scripting
03.12.2019  On Hold  Cross Site Scripting
03.12.2019  On Hold  Cross Site Scripting
03.12.2019  On Hold  Cross Site Scripting
03.12.2019  On Hold  Cross Site Scripting
03.12.2019  On Hold  Cross Site Scripting
03.12.2019  On Hold  Cross Site Scripting
03.12.2019  On Hold  Cross Site Scripting
03.12.2019  On Hold  Cross Site Scripting
03.12.2019  On Hold  Cross Site Scripting
03.12.2019  On Hold  Cross Site Scripting
03.12.2019  On Hold  Cross Site Scripting
