.wrapper { display:none; } .footer { display:none; } body { -ms-overflow-style: scrollbar; overflow-y: scroll; overscroll-behavior-y: none; } .errorContainer { background-color: #FFF; color: #0F1419; max-width: 600px; margin: 0 auto; padding: 10%; font-family: Helvetica, sans-serif; font-size: 16px; } .errorButton { margin: 3em 0; } .errorButton a { background: #1DA1F2; border-radius: 2.5em; color: white; padding: 1em 2em; text-decoration: none; } .errorButton a:hover, .errorButton a:focus { background: rgb(26, 145, 218); } .errorFooter { color: #657786; font-size: 80%; line-height: 1.5; padding: 1em 0; } .errorFooter a, .errorFooter a:visited { color: #657786; text-decoration: none; padding-right: 1em; } .errorFooter a:hover, .errorFooter a:active { text-decoration: underline; } #placeholder, #react-root { display: none !important; } body { background-color: #FFF !important; }

JavaScript is not available.

We’ve detected that JavaScript is disabled in this browser. Please enable JavaScript or switch to a supported browser to continue using openbugbounty.org.

2023 © OpenBugBounty

Infosec Institute

Open Bug Bounty mentioned in the
Top 6 Bug Bounty programs of
2022 by the InfoSec Institute

The Hacker News

Open Bug Bounty named among the
Top 5 Bug Bounty programs of 2021
by The Hacker News

Platform update: please use our new authentication mechanism to securely use the Open Bug Bounty Platform.

For Researchers

Frequently Asked Questions Read the FAQ to get best experience with our platform	Write a Blog Post Write a blog post to share your knowledge and get kudos
Browse Bug Bounty Programs Browse active bug bounty programs run by website owners	Report a Vulnerability Report and help remediate a vulnerability found on any website

How it Works

Download presentation and learn
how our platform works

PDF, 500kb

For Website Owners

FAQ: For Website Owners Start here to ensure smooth collaboration with the security researchers	Start a Bug Bounty Start your bug bounty program at no cost and leverage crowd-security testing
FAQ: For Bug Bounty Owners Read how to maximize your ROI from crowd-security testing

How it Works

Download presentation and learn
how our platform works

PDF, 500kb

About

About the Project Read about Open Bug Bounty history, values and mission	API Request National CERTs and law enforcement agencies may request our API
Frequently Asked Questions Review the most popular questions about the project	Contact Us Get in touch

How it Works

Download presentation and learn
how our platform works

PDF, 500kb

Hall of Fame
Forum

OpenBugBounty.org > Security Researchers > IAMMUSTAFA

IAMMUSTAFA | Security Researcher Profile

Security researcher IAMMUSTAFA has already helped fix 522 vulnerabilities.

Info
Reports
Recommendations
Badges
Statistics
Certificate
Blog

Researcher reputation: 820

Real name:
Mohammed Mustafa Raza Choudhry

About me:
I am a Cyber Security consultant, Cyber Forensics Investigator and founder of iAMMustafa Labs and MR CyberSec that provides complete solutions for Information Security-related domain.

Contact email:
[email protected]

Alternative Contacts:
[email protected]

Certifications & Diplomas:
CISM
CEH
ECSA
CHFI
ISO 27001:2013 LA/LI
CISA
CCNA Security

Experience in Application Security
over 5 years

Award / Bug Bounty I prefer:
Paypal, Amazon gift card, Swag, Gifs.. or thanks :)

Prefer Bug Bounty Payment:

paypal: [email protected]

Recommendations and Acknowledgements | Full List:

7 August, 2019

westcacom Edwin from WESTCA.COM:

Thanks for reporting the XSS vulnerability on our website. We have fixed it now.

@NewLineHorizon1

3 August, 2019

NewLineHorizon1 Melisa from NewLineHorizon:

Dear,

Thanks for participating in responsible disclosure program.
The reports you submitted were extremely helpful to our team and provided us the details we needed to resolve the issues that you identified.
We are deeply committed to provide a safe and secure experience to our users and are therefore grateful for your efforts to help us improve our services.

Best Regards!

12 February, 2020

ryne70030772 Ashton from Zykrr:

Thanks for reporting cross site scripting on our website. Really appreciated your Work :)

12 February, 2020

ryne70030772 Ashton from Zykrr:

Thanks for the XSS report. We have patched the issue. Thank a lot for alerting us.

12 February, 2020

ryne70030772 Ashton from Zykrr:

Thanks for reporting XSS vulnerability on our website. Your detailed report help us to patched the issue. Many Thanks.

12 February, 2020

ryne70030772 Ashton from Zykrr:

Your report helped us to patch XSS issue on our website. Thank you :)

12 February, 2020

ryne70030772 Ashton from Zykrr:

Your report helped us to patch XSS issue on our website. Thank you :)

12 February, 2020

ryne70030772 Ashton from Zykrr:

We have patched the vulnerability as suggested by you. Thanks

12 February, 2020

ryne70030772 Ashton from Zykrr:

Thanks for your report. Really appreciated.

30 January, 2020

ryne70030772 Arvind from Sagacious:

Thanks for helping me out regarding report submission. Really Appreciated.

30 January, 2020

ryne70030772 Joseph from MyTrux:

Thanks for reporting issue on our Website. Vulnerability has been patched!!

30 January, 2020

ryne70030772 Calvin James from Amantel:

Your report helped us to patch XSS issue on our website. Thank you :)

30 January, 2020

ryne70030772 Calvin James from Amantel:

Thanks for reporting the XSS vulnerability on our website. We have fixed it now.

30 January, 2020

ryne70030772 Calvin James from Amantel:

Thanks for reporting the XSS vulnerability on our website. We have fixed it now.

30 January, 2020

ryne70030772 Calvin James from Amantel:

Thanks for reporting issue on our Website. Vulnerability has been patched

30 January, 2020

ryne70030772 Calvin James from Amantel:

Thanks for reporting XSS vulnerability on our website. Your detailed report help us to patched the issue. Many Thanks.

24 January, 2020

ryne70030772 Ryne from Stimulite Inc.:

Thanks Again.

24 January, 2020

ryne70030772 Ryne from Stimulite Inc.:

Thanks for the XSS report. We have patched the issue. Thank a lot for alerting us.

24 January, 2020

ryne70030772 Ryne from Stimulite Inc.:

Thanks for reporting issue on our Website. Vulnerability has been patched

9 December, 2019

bzweic Ingo Holder from bzweic GbR:

Thank you for reporting the XSS issue. :) You are awesome

27 November, 2019

BretPaul7 Paul :

Thanks for helping me out regarding report submission. Really Appreciated.

@carlton42802879

27 November, 2019

carlton42802879 Carlton from [email protected]:

Your report helped us to patch XSS issue on our website. Thank you :)

27 November, 2019

AlbertNyke Albert Nyke from Sitel:

Thanks for the XSS report. We have patched the issue. Thank a lot for alerting us.

27 November, 2019

fadi01665991 Fadi Lyan from Knive Corp:

Thanks for reporting XSS vulnerability on our website. Your detailed report help us to patched the issue. Many Thanks.

27 November, 2019

DcostaSami Sami Dcosta from Lala Club:

Thanks for you for reporting vulnerability on our website. We have Patched the issue, Please Check...:)

25 November, 2019

LBryat Lyan from 4xmail:

Thanks for kind alert regarding XSS. We have fixed the issue. Thanks again:)

14 November, 2019

pofope1 pofope from ymail365:

Thanks for your report. Please check we have patched it. :)

11 November, 2019

AmalAyaat Amal Ayaat from Smart-Choice LLC:

Thanks for reporting critical vulnerability on one of our sub-domains. We have patched it. Thanks:)

11 November, 2019

yikkomolmi yikkomolmi from Yevme News:

Thanks for your report. Appreciated your H@rdw0rk:)

11 November, 2019

teron60137225 Teron Kyjuan from iironus:

Thanks for reporting XSS report on our website. Really Appreciated...

11 November, 2019

rurdehikki rurdehikki from enayu techx:

Thanks for your report of reflected XSS. Great Work.

11 November, 2019

kidaxa2 kidaxa from 3mailapp:

Thanks for reporting server debug information vulnerability on our website. We have patched it. Thanks once again

9 November, 2019

Leydo6 Leydo from Enayu LLP:

Thanks for reporting cross site scripting on our website. Really appreciated your Work :)

@TejalPa05326293

25 October, 2019

TejalPa05326293 Tejal Panchal from Freelancer:

Thanks for helping me out to find Stored XSS. Appreciated to time and effort

@Shashan20680357

25 October, 2019

Shashan20680357 Shashank from Wipro Technologies:

Thanks for reporting open redirection on our website. Appreciated your hard work. Thanks a lot:)

25 October, 2019

RasamKaustubh Kaustubh Rasam from Freelance:

Thanks for your assistance.. Appreciated :)

7 August, 2019

omey_09 Omey from Dell:

Thank you for your great assistance for finding XSS vulnerability on our site. Keep it up.....

7 August, 2019

ankeet93dalvi James from Csfinh:

Thank you for your report about XSS vulnerability. We have fixed the issue please check from your side. Thanks again.....

@Ankeet25478121

7 August, 2019

Ankeet25478121 Ankeet from BPCL:

Thanks a lot IAMMUSTAFA for reporting XSS vulnerability on our website. Issue has been fixed now. Cheers!!!!

4 August, 2019

AlmozRamez Ramez from Make foundation:

Thank you for your alert on XSS. Issue has been fixed. Great Job!!!!

4 August, 2019

3china2 3China from 3China:

Thanks for your alert on XSS issue. We have fixed it.

4 August, 2019

reem_zahra Zahra from Al-Zahra foundation:

A big thanks to IAMMUSTAFA for reporting the issue. We have fixed it by your help. THANKS!!!!!!!!!!

4 August, 2019

BenjaminRammy Rammy from Splendor:

Thanks IAMMUSTAFA for reporting vulnerabilities. We have fixed the issue. Be BEST..

4 August, 2019

Cloudtechies1 Cloudtechies from Cloudtechies:

Thanks for reporting XSS vulnerability. We have fixed the issue.

@AlbertJ74775625

4 August, 2019

AlbertJ74775625 Albert from Marathon:

Thanks a lot for reporting XSS issue and helping to patch it.
And again thanks for your professional support

@1747c0701fa1488

4 August, 2019

1747c0701fa1488 castle seek from castle seek:

Thanks a lot for your detailed report. We have fixed the issue.
Great work

4 August, 2019

GreensMarosh Green Marosh LLC. from Green Marosh LLC.:

Thank you IAMMUSTAFA for your help on fixing this issue. Truly professional

4 August, 2019

GlexManaged Glex managed solution from Glex managed solution:

Thank you Mustafa, we have fixed the issue that you reported.
Very professional and humble. Keep doing this great work.

4 August, 2019

litetech2 LiteTech from LiteTech managed Solutions:

Thank you very much Mustafa for helping us in finding and fixing XSS vulnerability. You ROCK.................

@AlishaR15000811

4 August, 2019

AlishaR15000811 Alisha from Structer built:

Thanks a lot Mustafa for notifying the issue and help to fix it. Keep it Up......

4 August, 2019

AlmortMike Mike from Traxta:

Thanks a lot Mustafa for the information and support on fixing the issue.
you are AWESOME

Please login via Twitter to add a recommendation

Honor Badges

Number of Secured Websites


10+ Websites	50+ Websites	500+ Websites	WEB SECURITY VETERAN 1000+ Websites

Advanced Security Research


WAF Bypasser	CSRF Master 30+ Reports	AppSec Logic Master 30+ Reports	Fastest Fix Fix in 24 hours

Outstanding Achievements


Secured OBB	OBB Advocate	Improved OBB

Commitment to Remediate and Patch


Patch Master 55% Patched	Patch Guru 65% Patched	Patch Lord 75% Patched

Recommendations and Recognition


REPUTABLE 10+ Recommends	FAMOUS 25+ Recommends	GLOBALLY TRUSTED 50+ Recommends

Distinguished Blog Author


1 Post	3 Posts	5+ Posts

Research Statistics

Total reports:	1718
Total reports on VIP sites:	348
Total patched vulnerabilities:	522
Recommendations received:	51
Active since:	14.07.2019
Top VIP Security Researcher Awards:	Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week

Open Bug Bounty Certificate

Researcher Certificate

Reported Vulnerabilities

All Submissions VIP Submissions

No posts in blog yet

Latest Patched

26.04.2024 news.gov.mb.ca

26.04.2024 mdanderson.org

25.04.2024 seeu.edu.mk

25.04.2024 xaxim.sc.gov.br

25.04.2024 lacerdopolis.sc.gov.br

24.04.2024 tap.mk.gov.lv

23.04.2024 data.aad.gov.au

23.04.2024 bitporno.to

23.04.2024 sys01.lib.hkbu.edu.hk

23.04.2024 srvm.gov.za

Latest Blog Posts

04.12.2023 by BAx99x
Unmasking the Power of Cross-Site Scripting (XSS): Types, Exploitation, Detection, and Tools

04.12.2023 by a13h1_
$1120: ATO Bug in Twitter’s

04.12.2023 by ClumsyLulz
How I found a Zero Day in W3 Schools

04.12.2023 by 24bkdoor
Hack the Web like a Pirate: Identifying Vulnerabilities with Style

04.12.2023 by 24bkdoor
Navigating the Bounty Seas with Open Bug Bounty

Recent Recommendations

22 April, 2024

genoverband:

Thank you for your invaluable help in ensuring the security of our domain and its visitors!

10 April, 2024

Mars:

Hatim uncovered a XSS bug that we were able to quickly resolve. Thanks very much for your assistance and help.

8 April, 2024

Panthermedia:

Thanks to the support of Hatim Chabik, we were able to identify and solve an XSS bug.

5 April, 2024

pubpharm:

Pooja found a XSS vulnerability on our website and provided us with the needed Information for replication and fixing the issue. Which she verified afterwards.
We thank her for the reporting and assistance.

2 April, 2024

genoverband:

Thank you for your invaluable help in ensuring the security of our domain and its visitors!

Making Web a Safer Place

Coordinated & Responsible Disclosure

Based on ISO 29147 Guidelines

2023 © OpenBugBounty