Coordinated and Responsible Vulnerability Disclosure Free Bug Bounty Program 477,652 coordinated disclosures
257,489 fixed vulnerabilities
634 bug bounties with 1261 websites
13,034 researchers, 1001 honor badges

devl00p Top Security Researcher of the Month Top VIP Security Researcher of the Month | Security Researcher Profile


Security researcher devl00p has already helped fix 800 vulnerabilities.



Researcher reputation:  130

Real name:
Nicolas Surribas

About me:
I'm a french security researcher.
I'm also the creator of Wapiti, the open-source web vulnerability scanner.

How to contact me:
nicolas.surribas 4t gmail d0t com

Experience in Application Security
over 5 years

Award / Bug Bounty I prefer:
Donations:
Paypal paypal.me/devl00p

Follow me on:
Twitter

Recommendations and Acknowledgements

    26 November, 2019
     adventurent_ Carlos from adventurent:
Nicolas made us aware of an XSS vulnerability on our site and let us know the issue really fast so we were able to fix it within a short time. Thanks a lot!
    21 November, 2019
     ponba25 Jayanta Biswas from INK Content, Inc.:
Thank you Nicolas for your research and reporting XSS vulnerability, we have fixed the issue according to your recommendation/research. Could you please check it once. Thanks
    11 November, 2019
     JosephA44367494 Joseph Anderson from Fashion Institute of Technology:
Special thanks to Nicolas for quickly helping us to patch a vulnerability on our site!
    23 October, 2019
     astroseekcom Petr9 from Astro-Seek.com:
Thank you for informing me about xss vulnerability.
    10 October, 2019
     jshrc Josh Rice from CCFL:
Nicolas was quick to let us know what the vulnerabilities were on our site. Thanks again!
    14 September, 2019
     dusalnet Almas from Dusal:
Thank you for research and reporting XSS vulnerability of my site.

Please login via Twitter to add a recommendation

Honor Badges


Number of Secured Websites

10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN
1000+ Websites

Advanced Security Research

WAF Bypasser
CSRF Master
30+ Reports
AppSec Logic Master
30+ Reports
Fastest Fix
Fix in 24 hours

Outstanding Achievements

Secured OBB
OBB Advocate
Improved OBB

Commitment to Remediate and Patch

Patch Master
55% Patched
Patch Guru
65% Patched
Patch Lord
75% Patched

Recommendations and Recognition

REPUTABLE
10+ Recommends
FAMOUS
25+ Recommends
GLOBALLY TRUSTED
50+ Recommends

Distinguished Blog Author

1 Post
3 Posts
5+ Posts

Research Statistics



Total reports:7443
Total reports on VIP sites:555
Total patched vulnerabilities:800
Total vulnerabilities on Hold (Open Bug Bounty):6375
Recommendations received:6
Active since:09.09.2019
Top Security Researcher Awards: Top Security Researcher of the Month
Top VIP Security Researcher Awards: Top VIP Security Researcher of the Month Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week

Open Bug Bounty Certificate





No posts in blog yet


Reported Vulnerabilities

All Submissions VIP SubmissionsFeatured Submissions

Domain Reported Status Type
06.10.2019
On Hold
Cross Site Scripting
06.10.2019
On Hold
Cross Site Scripting
06.10.2019
On Hold
Cross Site Scripting
06.10.2019
On Hold
Cross Site Scripting
06.10.2019
On Hold
Cross Site Scripting
06.10.2019
patched
Cross Site Scripting
06.10.2019
patched
Cross Site Scripting
06.10.2019
patched
Cross Site Scripting
06.10.2019
On Hold
Open Redirect
06.10.2019
On Hold
Cross Site Scripting
06.10.2019
On Hold
Cross Site Scripting
06.10.2019
On Hold
Cross Site Scripting
06.10.2019
On Hold
Cross Site Scripting
06.10.2019
On Hold
Cross Site Scripting
06.10.2019
On Hold
Cross Site Scripting
06.10.2019
On Hold
Cross Site Scripting
06.10.2019
patched
Cross Site Scripting
06.10.2019
patched
Cross Site Scripting
06.10.2019
On Hold
Cross Site Scripting
06.10.2019
patched
Cross Site Scripting

  Latest Patched

 15.12.2019 uni-due.de
 15.12.2019 usp.ac.fj
 14.12.2019 har.com
 14.12.2019 hackaday.io
 13.12.2019 alamy.com
 13.12.2019 gnu.org
 13.12.2019 womensecret.com
 13.12.2019 chrono24.com
 13.12.2019 minube.com

  Latest Blog Posts

27.11.2019 by TahakhanTaha
Reflected xss in 360totalsecurity
21.11.2019 by TahakhanTaha
blind xss in apple
30.10.2019 by Nep_1337_1998
Denial of Service vulnerability in script-loader.php (CVE-2018-6389)
17.10.2019 by 0xrocky
Stored XSS
17.10.2019 by geeknik
The "S" in IOT is for Security

  Recent Recommendations

    10 December, 2019
     jnswbr:
Vielen Dank für den XSS-Hinweis.
Der Fehler wurde umgehend korrigiert!
    10 December, 2019
     xo_shopsoftware:
Helped us quickly to fix an open GIT exploit on our website.
Many thanks to your work!
    10 December, 2019
     cyberday_gmbh:
thanks for reporting the xss issue
    9 December, 2019
     TristanGuiheux:
Kenan G. has helped us to find and fix some issues on web sites we're protecting. This kind of help is greatly appreciated from a security perspective. This way we can improve ourselves and protect our customers. Thanks again in my name.
    6 December, 2019
     r0m01736939:
Thank you for your report. I was able to fix it quickly :)