Report Email Alerts 201,031 coordinated disclosures
116,226 fixed vulnerabilities
163,084 websites, 15,729 VIP websites
5,437 researchers, 6,807 subscribers
OpenBugBounty.org  >  Security Researchers  >  M0r3h4x

M0r3h4x | Security Researcher Profile


Security researcher M0r3h4x has already helped fix 437 vulnerabilities.

Real name:
Charafeddine Nassiri

About me:
19 years old Moroccan security researcher / Sysadmin / bug bounty hunter

How to contact me:
Email : [email protected]

Certifications & Diplomas:
LFCS Certification
RHSA Certification
Comptia Cloud Certification
Comptia Linux Certification

Experience in Application Security
< 1 year

Award / Bug Bounty I prefer:
If you feel like to thank me with something extra for my time I really appreciate the following:

_ Bug Bounty: Paypal "Because i'm broke"
_ Acknowledgement certificate

Halls of Fame:
Opentext : https://goo.gl/Wr46FU
Postimages : https://goo.gl/d2ZW8D
Sony : https://goo.gl/ZarA3R
Sunet : https://goo.gl/N32cgq
AT&T : https://goo.gl/uB7BCS

Follow me on:
Twitter
Facebook


Recommendations and Acknowledgements

15 February, 2018
BudTerence5 Hendrik from Mahr:

Thanks to Charafeddine for the great researching and useful report. Great work!

5 February, 2018
sdecosse Stefan from Payworks:

Reported an XSS vulnerability on one of our sites, provided detailed information and was great to work with. Thank you!

27 October, 2017
brutemorse Anton from Acronis:

Thanks

10 October, 2017
ziduniwien Computer Center from University of Vienna:

Dear Charafeddine Nassiri,

The University of Vienna would like to thank you for your valuable contribution in finding multiple website security issues.

Your input is highly welcome and helps to raise the security level of our educational institution.

Servus and greetings from Vienna, Austria.

29 September, 2017
andy_chian Andy from Autofusion:

Charafeddine helped us locate several XSS vulnerability on our sites, and we were able to patch the issue. Thanks.

22 August, 2017
LegendaryNemean Amigo from Amigo:

Recommended a security change due to XSS. Detailed feedback and information.

Please login via Twitter to add a recommendation


Awards and Achievements


Number of Secured Websites
10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN
1000+ Websites

Advanced Security Research
WAF Bypasser
CSRF Master
30+ Reports
AppSec Logic Master
30+ Reports
Fastest Fix
Fix in 24 hours

Outstanding Achievements
Secured OBB
OBB Advocate
Improved OBB

Commitment to Remediate and Patch
Patch Master
55% Patched
Patch Guru
65% Patched
Patch Lord
75% Patched

Recommendations and Recognition
REPUTABLE
10+ Recommends
FAMOUS
25+ Recommends
GLOBALLY TRUSTED
50+ Recommends

Research Statistics



Open Bug Bounty Certificate:Download
Total reports:2364
Total reports on VIP sites:220
Total patched vulnerabilities:437
Total vulnerabilities on Hold (Open Bug Bounty):102
Recommendations received:6
Active since:21.03.2017
Top VIP Security Researcher Awards: Top VIP Security Researcher of the Week

Reported Vulnerabilities

All Submissions VIP Submissions

Domain Reported Status Type
mygc.goshen.edu
20.04.2018
On Hold
Cross Site Scripting
mwd1.com
20.04.2018
On Hold
Cross Site Scripting
antweb.org
19.04.2018
On Hold
Cross Site Scripting
windtrax.com
18.04.2018
On Hold
Cross Site Scripting
kleton.com
18.04.2018
On Hold
Cross Site Scripting
shop.silmarelectronics.com
18.04.2018
On Hold
Cross Site Scripting
estore.choctawkaul.com
18.04.2018
On Hold
Cross Site Scripting
saftgard.net
18.04.2018
On Hold
Cross Site Scripting
store.garston.com
18.04.2018
On Hold
Cross Site Scripting
scnindustrial.com
18.04.2018
On Hold
Cross Site Scripting
store.pioneersupply.com
18.04.2018
On Hold
Cross Site Scripting
storefront.dalcoonline.com
18.04.2018
On Hold
Cross Site Scripting
billhicksco.com
18.04.2018
On Hold
Cross Site Scripting
supplyhq.com
18.04.2018
On Hold
Cross Site Scripting
shop.dynamicfastener.com
18.04.2018
On Hold
Cross Site Scripting
store.cableconnectionsupply.com
18.04.2018
On Hold
Cross Site Scripting
rhsparts.com
18.04.2018
On Hold
Cross Site Scripting
storefront.ldcarlson.com
18.04.2018
On Hold
Cross Site Scripting
rmpmaintenance.com
18.04.2018
On Hold
Cross Site Scripting
storefront.paperproducts-pgh.com
18.04.2018
On Hold
Cross Site Scripting
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 ... 116 117 118 119


  LATEST VIP SUBMISSIONS

balenciaga.com
Reported by The_Pentester Helped patch 24 vulnerabilities
Received 1 Coordinated Disclosure badges on 20.04.2018
uindy.worldcat.org
Reported by AndreCalvinho Helped patch 1457 vulnerabilities
Received 10 Coordinated Disclosure badges
Received 28 recommendations on 20.04.2018
walgreens.com
Reported by mystaceus Helped patch 1 vulnerabilities
Received 0 Coordinated Disclosure badges on 20.04.2018
pbskids.org
Reported by Reboot_Ex Helped patch 5 vulnerabilities
Received 1 Coordinated Disclosure badges on 20.04.2018
unige.ch
Reported by Reboot_Ex Helped patch 5 vulnerabilities
Received 1 Coordinated Disclosure badges on 20.04.2018
ec.europa.eu
Reported by OOS Helped patch 49 vulnerabilities
Received 2 Coordinated Disclosure badges on 20.04.2018
ndr.de
Reported by xx Helped patch 150 vulnerabilities
Received 4 Coordinated Disclosure badges
Received 13 recommendations on 20.04.2018
daft.ie
Reported by xx Helped patch 150 vulnerabilities
Received 4 Coordinated Disclosure badges
Received 13 recommendations on 20.04.2018
ecuagol.com
Reported by OmniGooch Helped patch 2130 vulnerabilities
Received 5 Coordinated Disclosure badges
Received 8 recommendations on 20.04.2018
podbay.fm
Reported by OmniGooch Helped patch 2130 vulnerabilities
Received 5 Coordinated Disclosure badges
Received 8 recommendations on 20.04.2018



  LATEST SUBMISSIONS

pvanduijvenvoorde.nl
Reported by fakessh Helped patch 485 vulnerabilities
Received 5 Coordinated Disclosure badges
Received 28 recommendations on 20.04.2018
wieringsoftware.nl
Reported by fakessh Helped patch 485 vulnerabilities
Received 5 Coordinated Disclosure badges
Received 28 recommendations on 20.04.2018
thuiszorginis.nl
Reported by fakessh Helped patch 485 vulnerabilities
Received 5 Coordinated Disclosure badges
Received 28 recommendations on 20.04.2018
www1.dystar.com
Reported by b3s3cure Helped patch 8 vulnerabilities
Received 0 Coordinated Disclosure badges on 20.04.2018
uqroo.mx
Reported by b3s3cure Helped patch 8 vulnerabilities
Received 0 Coordinated Disclosure badges on 20.04.2018
intranet.urv.cat
Reported by Gh05t_PT Helped patch 0 vulnerabilities
Received 0 Coordinated Disclosure badges on 20.04.2018
library.aus.edu
Reported by Gh05t_PT Helped patch 0 vulnerabilities
Received 0 Coordinated Disclosure badges on 20.04.2018
stonevine.co.uk
Reported by AndreCalvinho Helped patch 1457 vulnerabilities
Received 10 Coordinated Disclosure badges
Received 28 recommendations on 20.04.2018
stocksignes.fr
Reported by AndreCalvinho Helped patch 1457 vulnerabilities
Received 10 Coordinated Disclosure badges
Received 28 recommendations on 20.04.2018
stock-bureau.fr
Reported by AndreCalvinho Helped patch 1457 vulnerabilities
Received 10 Coordinated Disclosure badges
Received 28 recommendations on 20.04.2018
Making Web a Safer Place
Coordinated & Responsible Disclosure
Based on ISO 29147 Guidelines
© 2014 - 2018
  • Follow us