binit | Security Researcher Profile
Security researcher binit has already helped fix 20 vulnerabilities.
Researcher reputation: 50
Real name:
Binit Ghimire
About me:
Software Engineer - Doing Offensive Security and DevSecOps! (Nepal)
Contact email:
[email protected]
Certifications & Diplomas:
Finished high school! Doing Bachelor of Computer Engineering currently!
Experience in Application Security
over 5 years
Award / Bug Bounty I prefer:
Hall of Fame, T-Shirt, Bug Bounty Payment (Wire Transfer to Nepal, Western Union, Skrill) or anything you'd like to provide.
Halls of Fame:
Facebook, Microsoft, Alibaba, US Department of Defense, Coinbase, etc.
Ethics and Rules:
Binit Ghimire is required to abide by the ethics and rules of the Open Bug Bounty project. If you reasonably believe that rules are not respected, please report this to us.
Recommendations and Acknowledgements
Thanks for responsibly reporting a security weakness on our website. We greatly appreciate you telling us about it.
Dear Binit Ghimire, The University of Vienna would like to thank you for your valuable contribution in finding multiple website security issues. Your input is highly welcome and helps to raise the security level of our educational institution. Servus and greetings from Vienna, Austria.
Thanks for reporting the bug. Your work is very appreciated.
Honor Badges
Number of Secured Websites
10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN
1000+ Websites
Advanced Security Research
WAF Bypasser
CSRF Master
30+ Reports
AppSec Logic Master
30+ Reports
Fastest Fix
Fix in 24 hours
Outstanding Achievements
Secured OBB
OBB Advocate
Improved OBB
Commitment to Remediate and Patch
Patch Master
55% Patched
Patch Guru
65% Patched
Patch Lord
75% Patched
Recommendations and Recognition
REPUTABLE
10+ Recommends
FAMOUS
25+ Recommends
GLOBALLY TRUSTED
50+ Recommends
Distinguished Blog Author
1 Post
3 Posts
5+ Posts
Research Statistics
Total reports: 95
Total reports on VIP sites: 9
Total patched vulnerabilities: 20
Recommendations received: 3
Active since: 01.08.2018
24.04.2019 Stored Cross-site Scripting (XSS) vulnerability in Charitybuzz.com
How I was able to discover a Stored XSS vulnerability in Charitybuzz.com - Binit Ghimire
24.04.2019 Stored Cross-site Scripting (XSS) vulnerability in 1MB.site
How I discovered a Stored XSS vulnerability in 1MB.site - Binit Ghimire
24.04.2019 I was able to Set the Date beyond the Possible Date on Facebook - Informative Issue
24.04.2019 How I was able to Discover a Stored Cross-site Scripting (XSS) vulnerability in Flaticon
How I was able to Discover a Stored Cross-site Scripting (XSS) vulnerability in Flaticon - Binit Ghimire
22.04.2019 How I was able to create Unauthorized Comments on Facebook Live Stream
Back in October, 2018, I discovered a vulnerability on Facebook that allowed me to create unauthorized comments on live streams of people who aren't my friends and don't allow non-friends to comment on their posts.
For this vulnerability, the Facebook Security Team rewarded me a bounty amount of $750, which was the first ever bounty that I ever received.