devl00p
Top VIP Security Researcher
Top Security Researcher
Top Security Researcher of the Month
Top VIP Security Researcher of the Month | Security Researcher Profile
Security researcher devl00p has already helped fix 26948 vulnerabilities.
Researcher reputation: 570
Real name: Nicolas Surribas
About me: I'm a French security researcher. I'm also the creator of Wapiti, the open-source web vulnerability scanner. Why I'm scanning the web for vulnerabilities and how I do it: https://t.co/Q9KMr2Kdla
How to contact me: nicolas.surribas 4t gmail d0t com
Experience in Application Security: over 5 years
Award / Bug Bounty I prefer: Donations to help the Wapiti project: PayPal paypal.me/devl00p
Follow me on: Twitter
Recommendations and Acknowledgements
Thanks devl00p for your kind report! We found an XSS bug and have been able to solve it thanks to your help. Cheers!
Thanks to your kindness, I was able to fix the XSS vulnerability on our site very quickly. Thank you very much.
Thanks devl00p for the identification of an XSS bug. We fixed it thanks to you!
Dear devl00p, the SOC of Politecnico di Milano would like to thank you for disclosing to us multiple XSS vulnerabilities on our infrastructure.
Thank you very much for finding the XSS bug. You respond to my contacts politely each time, and I thank you. I was lucky to have a wonderful person find it.
Quick, informative and friendly response. Thanks!
Many thanks for reporting the bug and providing us with all the information required to patch it.
Thank you for your efforts and reporting the XSS vulnerability you found on my website.
Honor Badges
Number of Secured Websites: 10+ Websites, 50+ Websites, 500+ Websites, WEB SECURITY VETERAN (1000+ Websites)
Advanced Security Research: WAF Bypasser, CSRF Master (30+ Reports), AppSec Logic Master (30+ Reports), Fastest Fix (Fix in 24 hours)
Outstanding Achievements: Secured OBB, OBB Advocate, Improved OBB
Commitment to Remediate and Patch: Patch Master (55% Patched), Patch Guru (65% Patched), Patch Lord (75% Patched)
Recommendations and Recognition: REPUTABLE (10+ Recommends), FAMOUS (25+ Recommends), GLOBALLY TRUSTED (50+ Recommends)
Distinguished Blog Author: 1 Post, 3 Posts, 5+ Posts
Research Statistics

Statistic | Value |
---|---|
Total reports | 153378 |
Total reports on VIP sites | 4363 |
Total patched vulnerabilities | 26948 |
Total vulnerabilities on Hold (Open Bug Bounty) | 68105 |
Recommendations received | 28 |
Active since | 09.09.2019 |
Top Security Researcher Awards | (badge images) |
Top VIP Security Researcher Awards | (badge images) |
08.01.2020 Top 100 Open Redirect dorks
Just like the previous list of XSS dorks, but this time for Open Redirect vulnerabilities. First the most common parameters, then the parameters along with their path.

Dork | Frequency |
---|---|
page | 19.3% |
url | 13.1% |
ret | 10.0% |
r2 | 9.8% |
img | 7.0% |
u | 4.4% |
return | 2.6% |
r | 2.6% |
URL | 2.4% |
next | 2.0% |
redirect | 2.0% |
redirectBack | 1.6% |
AuthState | 1.2% |
referer | 0.8% |
redir | 0.8% |
l | 0.8% |
aspxerrorpath | 0.6% |
image_path | 0.6% |
ActionCodeURL | 0.6% |
return_url | 0.6% |
link | 0.6% |
q | 0.6% |
location | 0.6% |
ReturnUrl | 0.6% |
uri | 0.4% |
referrer | 0.4% |
returnUrl | 0.4% |
forward | 0.4% |
file | 0.4% |
rb | 0.4% |
end_display | 0.4% |
urlact | 0.4% |
from | 0.4% |
goto | 0.4% |
path | 0.4% |
redirect_url | 0.4% |
old | 0.4% |
pathlocation | 0.2% |
successTarget | 0.2% |
returnURL | 0.2% |
urlsito | 0.2% |
newurl | 0.2% |
Url | 0.2% |
back | 0.2% |
retour | 0.2% |
odkazujuca_linka | 0.2% |
r_link | 0.2% |
cur_url | 0.2% |
H_name | 0.2% |
ref | 0.2% |
topic | 0.2% |
resource | 0.2% |
returnTo | 0.2% |
home | 0.2% |
node | 0.2% |
sUrl | 0.2% |
href | 0.2% |
linkurl | 0.2% |
returnto | 0.2% |
redirecturl | 0.2% |
SL | 0.2% |
st | 0.2% |
errorUrl | 0.2% |
media | 0.2% |
destination | 0.2% |
targeturl | 0.2% |
return_to | 0.2% |
cancel_url | 0.2% |
doc | 0.2% |
GO | 0.2% |
ReturnTo | 0.2% |
anything | 0.2% |
FileName | 0.2% |
logoutRedirectURL | 0.2% |
list | 0.2% |
startUrl | 0.2% |
service | 0.2% |
redirect_to | 0.2% |
end_url | 0.2% |
_next | 0.2% |
noSuchEntryRedirect | 0.2% |
context | 0.2% |
returnurl | 0.2% |
ref_url | 0.2% |

Dork | Frequency |
---|---|
/?page= | 18.5 |
/index.php?ret= | 10.0 |
/analytics/hit.php?r2= | 9.8 |
/api/thumbnail?img= | 7.0 |
/e.html?u= | 3.2 |
/actions/act_continueapplication.cfm?r= | 2.4 |
/redirect2/?url= | 2.0 |
/Shibboleth.sso/Logout?return= | 1.2 |
/ui/clear-selected/?next= | 1.2 |
/Home/Redirect?url= | 1.2 |
/jobs/?l= | 0.8 |
/Error.aspx?aspxerrorpath= | 0.6 |
/r.php?u= | 0.6 |
/services/logo_handler.ashx?image_path= | 0.6 |
/AddProduct.aspx?ActionCodeURL= | 0.6 |
/tools/login/default.asp?page= | 0.6 |
/spip.php?url= | 0.6 |
/usermanagement/mailGeneratedPassword?referer= | 0.6 |
/?return= | 0.6 |
/?redir= | 0.6 |
/simplesaml/module.php/core/loginuserpass.php?AuthState= | 0.6 |
/out.php?url= | 0.6 |
/affiche.php?uri= | 0.4 |
/redirector.php?url= | 0.4 |
/cgi/set_lang?referrer= | 0.4 |
/blog/click?url= | 0.4 |
/site.php?url= | 0.4 |
/download2.php?file= | 0.4 |
/jump.php?url= | 0.4 |
/redirect/?redirect= | 0.4 |
/admin/track/track?redirect= | 0.4 |
/switch.php?rb= | 0.4 |
/php-scripts/form-handler.php?end_display= | 0.4 |
/cg/rk/?url= | 0.4 |
/tosite.php?url= | 0.4 |
/cambioidioma.php?urlact= | 0.4 |
/accueil/spip.php?url= | 0.4 |
/IRB/sd/Rooms/RoomComponents/LoginView/GetSessionAndBack?redirectBack= | 0.4 |
/search?q= | 0.4 |
/default.aspx?URL= | 0.4 |
/initiate-sso-login/?redirect_url= | 0.4 |
/module.php/core/loginuserpass.php?AuthState= | 0.4 |
/authentication/check_login?old= | 0.4 |
/RedirectToDoc.aspx?URL= | 0.4 |
/shop/bannerhit.php?url= | 0.4 |
/acceptcookies/?ReturnUrl= | 0.4 |
/index.php?url= | 0.4 |
/publang?url= | 0.2 |
/home/helperpage?url= | 0.2 |
/widgets.aspx?url= | 0.2 |
/_lang/en?next= | 0.2 |
/application/en?url= | 0.2 |
/common/topcorm.do?pathlocation= | 0.2 |
/main/action?successTarget= | 0.2 |
/Videos/SetCulture?returnURL= | 0.2 |
/Localize/ChangeLang?returnUrl= | 0.2 |
/_goToSite.asp?urlsito= | 0.2 |
/redir?url= | 0.2 |
/admin/auth/logined?redirect= | 0.2 |
/linkforward?forward= | 0.2 |
/modules/babel/redirect.php?newurl= | 0.2 |
/umbraco/Surface/LanguageSurface/ChangeLanguage?Url= | 0.2 |
/langswitcher.php?url= | 0.2 |
/redirect/?url= | 0.2 |
/i18n/i18n_user_currencies/change_currency?back= | 0.2 |
/accessibilite/textBackUp/?retour= | 0.2 |
/fncBox.php?url= | 0.2 |
/all4shop-akcie.php?odkazujuca_linka= | 0.2 |
/openurl.php?url= | 0.2 |
/te3/out.php?u= | 0.2 |
/utils/set_language.html?return_url= | 0.2 |
/trigger.php?r_link= | 0.2 |
/home/lng?cur_url= | 0.2 |
/goto?url= | 0.2 |
/o.php?url= | 0.2 |
/link-master/19/follow?link= | 0.2 |
/hack.php?H_name= | 0.2 |
/bmad/namhoc.php?return= | 0.2 |
/maven/stats.asp?ref= | 0.2 |
/Main/WebHome?topic= | 0.2 |
/bin/fusion/imsLogin?resource= | 0.2 |
/languechange.aspx?url= | 0.2 |
/bloques/bannerclick.php?url= | 0.2 |
/changesiteversion-full?referer= | 0.2 |
/out.php?link= | 0.2 |
/bgpage?r= | 0.2 |
/signout?returnTo= | 0.2 |
/switch_lang.php?return_url= | 0.2 |
/nousername.php?redir= | 0.2 |
/i/logout?return= | 0.2 |
/util_goto_detail_home.cfm?home= | 0.2 |
/misc/oldmenu.html?from= | 0.2 |
/click.php?url= | 0.2 |
/bitrix/rdc/?goto= | 0.2 |
/?node= | 0.2 |
/setLanguage.php?return= | 0.2 |
/redirect/ad?url= | 0.2 |
/redirect.php?sUrl= | 0.2 |
/redirect?url= | 0.2 |
/url?url= | 0.2 |
28.12.2019 Top 100 XSS dorks
It's the end of the year and a good time to share things with people. After having scanned more than a million websites in order to find XSS and Open Redirect vulnerabilities, I took the time to compute statistics on the most vulnerable parameters.
It can be used as a powerful dork list, so update your scanners and get bounties!
First, here is the list of the most vulnerable parameters along with their frequency.
Dork | Frequency |
---|---|
q | 5.5% |
s | 4.5% |
search | 1.9% |
id | 1.7% |
lang | 1.4% |
keyword | 1.2% |
query | 1.1% |
page | 1.0% |
keywords | 0.8% |
year | 0.8% |
view | 0.8% |
 | 0.8% |
type | 0.7% |
name | 0.7% |
p | 0.7% |
month | 0.6% |
immagine | 0.6% |
list_type | 0.5% |
url | 0.5% |
terms | 0.5% |
categoryid | 0.5% |
key | 0.5% |
l | 0.5% |
begindate | 0.4% |
enddate | 0.4% |
categoryid2 | 0.4% |
t | 0.4% |
cat | 0.4% |
category | 0.4% |
action | 0.4% |
bukva | 0.4% |
redirect_uri | 0.4% |
firstname | 0.4% |
c | 0.4% |
lastname | 0.3% |
uid | 0.3% |
startTime | 0.3% |
eventSearch | 0.3% |
categoryids2 | 0.3% |
categoryids | 0.3% |
sort | 0.3% |
positiontitle | 0.3% |
groupid | 0.3% |
m | 0.3% |
message | 0.3% |
tag | 0.3% |
pn | 0.3% |
title | 0.3% |
orgId | 0.3% |
text | 0.3% |
handler | 0.2% |
myord | 0.2% |
myshownums | 0.2% |
id_site | 0.2% |
city | 0.2% |
search_query | 0.2% |
msg | 0.2% |
sortby | 0.2% |
produkti_po_cena | 0.2% |
produkti_po_ime | 0.2% |
mode | 0.2% |
CODE | 0.2% |
location | 0.2% |
v | 0.2% |
order | 0.2% |
n | 0.2% |
term | 0.2% |
start | 0.2% |
k | 0.2% |
redirect | 0.2% |
ref | 0.2% |
file | 0.2% |
mebel_id | 0.2% |
country | 0.2% |
from | 0.1% |
r | 0.1% |
f | 0.1% |
field%5B%5D | 0.1% |
searchScope | 0.1% |
state | 0.1% |
phone | 0.1% |
Itemid | 0.1% |
lng | 0.1% |
place | 0.1% |
bedrooms | 0.1% |
expand | 0.1% |
e | 0.1% |
price | 0.1% |
d | 0.1% |
path | 0.1% |
address | 0.1% |
day | 0.1% |
display | 0.1% |
a | 0.1% |
error | 0.1% |
form | 0.1% |
language | 0.1% |
mls | 0.1% |
kw | 0.1% |
u | 0.1% |
This second list is almost the same, but with the corresponding path:
Dork | Frequency |
---|---|
/?s= | 3.6 |
/search?q= | 2.5 |
/index.php?lang= | 0.6 |
/pplay/info_prenotazioni.asp?immagine= | 0.6 |
/shared/lgflsearch.php?terms= | 0.5 |
/index.php?page= | 0.4 |
/search?query= | 0.4 |
/en/Telefon-Cam?search= | 0.4 |
/index.php?bukva= | 0.4 |
/pro/events_print_setup.cfm?list_type= | 0.3 |
/pro/events_print_setup.cfm?categoryid= | 0.3 |
/pro/events_print_setup.cfm?categoryid2= | 0.3 |
/?eventSearch= | 0.3 |
/?startTime= | 0.3 |
/pro/events_ical.cfm?categoryids= | 0.3 |
/pro/events_ical.cfm?categoryids2= | 0.3 |
/pro/events_print_setup.cfm?month= | 0.3 |
/pro/events_print_setup.cfm?year= | 0.3 |
/pro/events_print_setup.cfm?begindate= | 0.3 |
/pro/events_print_setup.cfm?enddate= | 0.3 |
/search?keyword= | 0.3 |
/?q= | 0.3 |
/search/?q= | 0.3 |
/index.php?pn= | 0.3 |
/?lang= | 0.3 |
/property/search?uid= | 0.3 |
/index.php?id= | 0.3 |
/search?orgId= | 0.3 |
/products?handler= | 0.2 |
/pro/events_print_setup.cfm?view= | 0.2 |
/pro/events_print_setup.cfm?keywords= | 0.2 |
/?p= | 0.2 |
/search.php?q= | 0.2 |
/?search= | 0.2 |
/pro/minicalendar_detail.cfm?list_type= | 0.2 |
/index.php?produkti_po_cena= | 0.2 |
/index.php?produkti_po_ime= | 0.2 |
/servlet/com.jsbsoft.jtf.core.SG?CODE= | 0.2 |
/login?redirect_uri= | 0.2 |
/connexion?redirect_uri= | 0.2 |
/index.php?action= | 0.2 |
/plugins/actu/listing_actus-front.php?id_site= | 0.2 |
/index.php?mebel_id= | 0.2 |
/search/?search= | 0.2 |
/news/class/index.php?myshownums= | 0.2 |
/news/class/index.php?myord= | 0.2 |
/search.html?searchScope= | 0.1 |
/search?field%5B%5D= | 0.1 |
/videos?tag= | 0.1 |
/videos?place= | 0.1 |
/videos?search= | 0.1 |
/?email= | 0.1 |
/?cat= | 0.1 |
/content.php?expand= | 0.1 |
/?page= | 0.1 |
/search/?s= | 0.1 |
/?keywords= | 0.1 |
/search/?keyword= | 0.1 |
/apps/email/index.jsp?n= | 0.1 |
/?name= | 0.1 |
/?sort= | 0.1 |
/search?search= | 0.1 |
/pro/minicalendar_print_setup.cfm?begindate= | 0.1 |
/pro/minicalendar_print_setup.cfm?enddate= | 0.1 |
/pro/minicalendar_print_setup.cfm?keywords= | 0.1 |
/search-results?q= | 0.1 |
/?listingtypeid= | 0.1 |
/search?s= | 0.1 |
/pro/minicalendar_print_setup.cfm?categoryid2= | 0.1 |
/?bathrooms= | 0.1 |
/?listingagent= | 0.1 |
/?featuredsearchseourl= | 0.1 |
/?squarefeet= | 0.1 |
/?siteid= | 0.1 |
/?bedrooms= | 0.1 |
/?featuredsearch= | 0.1 |
/?price= | 0.1 |
/?maxbuilt= | 0.1 |
/?lsid= | 0.1 |
/?listingtypes= | 0.1 |
/?garages= | 0.1 |
/?maxprice= | 0.1 |
/?minprice= | 0.1 |
/?keywordsany= | 0.1 |
/?yearbuilt= | 0.1 |
/?minbuilt= | 0.1 |
/?subdivision= | 0.1 |
/?lotsizeval= | 0.1 |
/?listingstatusid= | 0.1 |
/?mls= | 0.1 |
/firms/?text= | 0.1 |
/servlet/com.jsbsoft.jtf.core.SG?OBJET= | 0.1 |
/plan_du_site.php?lang= | 0.1 |
/index.php?Itemid= | 0.1 |
/?view= | 0.1 |
/?t= | 0.1 |
/?selat= | 0.1 |
/?selong= | 0.1 |
/?nwlat= | 0.1 |
/?geo= | 0.1 |
I hope you enjoy this :)
Reported Vulnerabilities
Domain | Reported | Status | Type |
---|---|---|---|
 | 19.01.2021 | On Hold | Cross Site Scripting |
 | 19.01.2021 | On Hold | Cross Site Scripting |
 | 19.01.2021 | On Hold | Cross Site Scripting |
 | 19.01.2021 | On Hold | Cross Site Scripting |
 | 19.01.2021 | On Hold | Cross Site Scripting |
 | 19.01.2021 | On Hold | Cross Site Scripting |
 | 19.01.2021 | On Hold | Cross Site Scripting |
 | 19.01.2021 | On Hold | Cross Site Scripting |
 | 19.01.2021 | On Hold | Cross Site Scripting |
 | 19.01.2021 | On Hold | Cross Site Scripting |
 | 19.01.2021 | On Hold | Cross Site Scripting |
 | 19.01.2021 | On Hold | Cross Site Scripting |
 | 19.01.2021 | On Hold | Cross Site Scripting |
 | 19.01.2021 | On Hold | Cross Site Scripting |
 | 19.01.2021 | On Hold | Cross Site Scripting |
 | 19.01.2021 | On Hold | Cross Site Scripting |
 | 19.01.2021 | On Hold | Cross Site Scripting |
 | 19.01.2021 | On Hold | Cross Site Scripting |
 | 19.01.2021 | On Hold | Cross Site Scripting |
 | 19.01.2021 | On Hold | Cross Site Scripting |