Security Researcher devl00p

OpenBugBounty.org > Security Researchers > devl00p

devl00p Top Security Researcher of the Month Top VIP Security Researcher of the Month | Security Researcher Profile

Security researcher devl00p has already helped fix 2581 vulnerabilities.

Info
Recommendations
Badges
Statistics
Certificate
Blog

Researcher reputation: 310

Real name:
Nicolas Surribas

About me:
I'm a french security researcher.
I'm also the creator of Wapiti, the open-source web vulnerability scanner.

Why I'm scanning the web for vulnerabilities and how I do it :
https://t.co/Q9KMr2Kdla

How to contact me:
nicolas.surribas 4t gmail d0t com

Experience in Application Security
over 5 years

Award / Bug Bounty I prefer:
Donations to help the Wapiti project:
Paypal paypal.me/devl00p

Follow me on:
Twitter

Recommendations and Acknowledgements

6 February, 2020

CoolgearLabs Caleb from Coolgear:

Thank you for the report, we'll get it cleared up ASAP.

30 January, 2020

vseowow Vincent from Spacio:

Thanks for the bug report and quick responses!

22 January, 2020

betterexplained Kalid Azad from betterexplained:

Thanks for the bug report!

18 January, 2020

damnitjim Aye from Formulation:

Thanks for taking the time to report the weaknesses and really appreciate the wapiti tool that you've developed.

14 January, 2020

Regina0xFFFF Regina from geom:

Thanks Nicolas for reporting me an XSS on my site. Fixed it now!

8 January, 2020

aing3l Ang3l from Lorma Colleges:

Thank you for the report and getting in touch to resolve a vulnerability in one of our sites. Hats off!

7 January, 2020

ChVuagniaux Christophe from inetis:

Thanks to Nicolas for informed us about a vulnerability on one of our website and gived us informations about reproducibility very fast.

3 January, 2020

astroseekcom Petr9 from Astro-Seek.com:

Thank you for informing me about another XSS vulnerability.

3 January, 2020

pavelmusil Pavel Musil from Pavel Musil:

Thank you for your reporting XSS vulnerability.

26 November, 2019

adventurent_ Carlos from adventurent:

Nicolas made us aware of an XSS vulnerability on our site and let us know the issue really fast so we were able to fix it within a short time. Thanks a lot!

Shows the first 10 recommendations. See all.

Please login via Twitter to add a recommendation

Honor Badges

Number of Secured Websites


10+ Websites	50+ Websites	500+ Websites	WEB SECURITY VETERAN 1000+ Websites

Advanced Security Research


WAF Bypasser	CSRF Master 30+ Reports	AppSec Logic Master 30+ Reports	Fastest Fix Fix in 24 hours

Outstanding Achievements


Secured OBB	OBB Advocate	Improved OBB

Commitment to Remediate and Patch


Patch Master 55% Patched	Patch Guru 65% Patched	Patch Lord 75% Patched

Recommendations and Recognition


REPUTABLE 10+ Recommends	FAMOUS 25+ Recommends	GLOBALLY TRUSTED 50+ Recommends

Distinguished Blog Author


1 Post	3 Posts	5+ Posts

Research Statistics

Total reports:	8884
Total reports on VIP sites:	602
Total patched vulnerabilities:	2581
Recommendations received:	15
Active since:	09.09.2019
Top Security Researcher Awards:	Top Security Researcher of the Month
Top VIP Security Researcher Awards:	Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week

Open Bug Bounty Certificate

08.01.2020 Top 100 Open Redirect dorks

Just like previous list of XSS dorks but this time for Open Redirect vulnerabilities. First with most common parameters then parameters along with path.

page	19.3%
url	13.1%
ret	10.0%
r2	9.8%
img	7.0%
u	4.4%
return	2.6%
r	2.6%
URL	2.4%
next	2.0%
redirect	2.0%
redirectBack	1.6%
AuthState	1.2%
referer	0.8%
redir	0.8%
l	0.8%
aspxerrorpath	0.6%
image_path	0.6%
ActionCodeURL	0.6%
return_url	0.6%
link	0.6%
q	0.6%
location	0.6%
ReturnUrl	0.6%
uri	0.4%
referrer	0.4%
returnUrl	0.4%
forward	0.4%
file	0.4%
rb	0.4%
end_display	0.4%
urlact	0.4%
from	0.4%
goto	0.4%
path	0.4%
redirect_url	0.4%
old	0.4%
pathlocation	0.2%
successTarget	0.2%
returnURL	0.2%
urlsito	0.2%
newurl	0.2%
Url	0.2%
back	0.2%
retour	0.2%
odkazujuca_linka	0.2%
r_link	0.2%
cur_url	0.2%
H_name	0.2%
ref	0.2%
topic	0.2%
resource	0.2%
returnTo	0.2%
home	0.2%
node	0.2%
sUrl	0.2%
href	0.2%
linkurl	0.2%
returnto	0.2%
redirecturl	0.2%
SL	0.2%
st	0.2%
errorUrl	0.2%
media	0.2%
destination	0.2%
targeturl	0.2%
return_to	0.2%
cancel_url	0.2%
doc	0.2%
GO	0.2%
ReturnTo	0.2%
anything	0.2%
FileName	0.2%
logoutRedirectURL	0.2%
list	0.2%
startUrl	0.2%
service	0.2%
redirect_to	0.2%
end_url	0.2%
_next	0.2%
noSuchEntryRedirect	0.2%
context	0.2%
returnurl	0.2%
ref_url	0.2%

/?page=	18.5
/index.php?ret=	10.0
/analytics/hit.php?r2=	9.8
/api/thumbnail?img=	7.0
/e.html?u=	3.2
/actions/act_continueapplication.cfm?r=	2.4
/redirect2/?url=	2.0
/Shibboleth.sso/Logout?return=	1.2
/ui/clear-selected/?next=	1.2
/Home/Redirect?url=	1.2
/jobs/?l=	0.8
/Error.aspx?aspxerrorpath=	0.6
/r.php?u=	0.6
/services/logo_handler.ashx?image_path=	0.6
/AddProduct.aspx?ActionCodeURL=	0.6
/tools/login/default.asp?page=	0.6
/spip.php?url=	0.6
/usermanagement/mailGeneratedPassword?referer=	0.6
/?return=	0.6
/?redir=	0.6
/simplesaml/module.php/core/loginuserpass.php?AuthState=	0.6
/out.php?url=	0.6
/affiche.php?uri=	0.4
/redirector.php?url=	0.4
/cgi/set_lang?referrer=	0.4
/blog/click?url=	0.4
/site.php?url=	0.4
/download2.php?file=	0.4
/jump.php?url=	0.4
/redirect/?redirect=	0.4
/admin/track/track?redirect=	0.4
/switch.php?rb=	0.4
/php-scripts/form-handler.php?end_display=	0.4
/cg/rk/?url=	0.4
/tosite.php?url=	0.4
/cambioidioma.php?urlact=	0.4
/accueil/spip.php?url=	0.4
/IRB/sd/Rooms/RoomComponents/LoginView/GetSessionAndBack?redirectBack=	0.4
/search?q=	0.4
/default.aspx?URL=	0.4
/initiate-sso-login/?redirect_url=	0.4
/module.php/core/loginuserpass.php?AuthState=	0.4
/authentication/check_login?old=	0.4
/RedirectToDoc.aspx?URL=	0.4
/shop/bannerhit.php?url=	0.4
/acceptcookies/?ReturnUrl=	0.4
/index.php?url=	0.4
/publang?url=	0.2
/home/helperpage?url=	0.2
/widgets.aspx?url=	0.2
/_lang/en?next=	0.2
/application/en?url=	0.2
/common/topcorm.do?pathlocation=	0.2
/main/action?successTarget=	0.2
/Videos/SetCulture?returnURL=	0.2
/Localize/ChangeLang?returnUrl=	0.2
/_goToSite.asp?urlsito=	0.2
/redir?url=	0.2
/admin/auth/logined?redirect=	0.2
/linkforward?forward=	0.2
/modules/babel/redirect.php?newurl=	0.2
/umbraco/Surface/LanguageSurface/ChangeLanguage?Url=	0.2
/langswitcher.php?url=	0.2
/redirect/?url=	0.2
/i18n/i18n_user_currencies/change_currency?back=	0.2
/accessibilite/textBackUp/?retour=	0.2
/fncBox.php?url=	0.2
/all4shop-akcie.php?odkazujuca_linka=	0.2
/openurl.php?url=	0.2
/te3/out.php?u=	0.2
/utils/set_language.html?return_url=	0.2
/trigger.php?r_link=	0.2
/home/lng?cur_url=	0.2
/goto?url=	0.2
/o.php?url=	0.2
/link-master/19/follow?link=	0.2
/hack.php?H_name=	0.2
/bmad/namhoc.php?return=	0.2
/maven/stats.asp?ref=	0.2
/Main/WebHome?topic=	0.2
/bin/fusion/imsLogin?resource=	0.2
/languechange.aspx?url=	0.2
/bloques/bannerclick.php?url=	0.2
/changesiteversion-full?referer=	0.2
/out.php?link=	0.2
/bgpage?r=	0.2
/signout?returnTo=	0.2
/switch_lang.php?return_url=	0.2
/nousername.php?redir=	0.2
/i/logout?return=	0.2
/util_goto_detail_home.cfm?home=	0.2
/misc/oldmenu.html?from=	0.2
/click.php?url=	0.2
/bitrix/rdc/?goto=	0.2
/?node=	0.2
/setLanguage.php?return=	0.2
/redirect/ad?url=	0.2
/redirect.php?sUrl=	0.2
/redirect?url=	0.2
/url?url=	0.2

28.12.2019 Top 100 XSS dorks

It's the end of the year and a good time to share things with people.

After having scanned more than a million websites in order to find XSS and Open Redirect vulnerabilities, I took the time to do statistics on the most vulnerables parameters.

It can be used as a powerful dork list so let's update your scanners and get bounties!

First here is the list of most vulnerable parameters along with their frequency.

Dork	Frequency
q	5.5%
s	4.5%
search	1.9%
id	1.7%
lang	1.4%
keyword	1.2%
query	1.1%
page	1.0%
keywords	0.8%
year	0.8%
view	0.8%
email	0.8%
type	0.7%
name	0.7%
p	0.7%
month	0.6%
immagine	0.6%
list_type	0.5%
url	0.5%
terms	0.5%
categoryid	0.5%
key	0.5%
l	0.5%
begindate	0.4%
enddate	0.4%
categoryid2	0.4%
t	0.4%
cat	0.4%
category	0.4%
action	0.4%
bukva	0.4%
redirect_uri	0.4%
firstname	0.4%
c	0.4%
lastname	0.3%
uid	0.3%
startTime	0.3%
eventSearch	0.3%
categoryids2	0.3%
categoryids	0.3%
sort	0.3%
positiontitle	0.3%
groupid	0.3%
m	0.3%
message	0.3%
tag	0.3%
pn	0.3%
title	0.3%
orgId	0.3%
text	0.3%
handler	0.2%
myord	0.2%
myshownums	0.2%
id_site	0.2%
city	0.2%
search_query	0.2%
msg	0.2%
sortby	0.2%
produkti_po_cena	0.2%
produkti_po_ime	0.2%
mode	0.2%
CODE	0.2%
location	0.2%
v	0.2%
order	0.2%
n	0.2%
term	0.2%
start	0.2%
k	0.2%
redirect	0.2%
ref	0.2%
file	0.2%
mebel_id	0.2%
country	0.2%
from	0.1%
r	0.1%
f	0.1%
field%5B%5D	0.1%
searchScope	0.1%
state	0.1%
phone	0.1%
Itemid	0.1%
lng	0.1%
place	0.1%
bedrooms	0.1%
expand	0.1%
e	0.1%
price	0.1%
d	0.1%
path	0.1%
address	0.1%
day	0.1%
display	0.1%
a	0.1%
error	0.1%
form	0.1%
language	0.1%
mls	0.1%
kw	0.1%
u	0.1%

This second list is almost the same but with corresponding path :

Dork	Frequency
/?s=	3.6
/search?q=	2.5
/index.php?lang=	0.6
/pplay/info_prenotazioni.asp?immagine=	0.6
/shared/lgflsearch.php?terms=	0.5
/index.php?page=	0.4
/search?query=	0.4
/en/Telefon-Cam?search=	0.4
/index.php?bukva=	0.4
/pro/events_print_setup.cfm?list_type=	0.3
/pro/events_print_setup.cfm?categoryid=	0.3
/pro/events_print_setup.cfm?categoryid2=	0.3
/?eventSearch=	0.3
/?startTime=	0.3
/pro/events_ical.cfm?categoryids=	0.3
/pro/events_ical.cfm?categoryids2=	0.3
/pro/events_print_setup.cfm?month=	0.3
/pro/events_print_setup.cfm?year=	0.3
/pro/events_print_setup.cfm?begindate=	0.3
/pro/events_print_setup.cfm?enddate=	0.3
/search?keyword=	0.3
/?q=	0.3
/search/?q=	0.3
/index.php?pn=	0.3
/?lang=	0.3
/property/search?uid=	0.3
/index.php?id=	0.3
/search?orgId=	0.3
/products?handler=	0.2
/pro/events_print_setup.cfm?view=	0.2
/pro/events_print_setup.cfm?keywords=	0.2
/?p=	0.2
/search.php?q=	0.2
/?search=	0.2
/pro/minicalendar_detail.cfm?list_type=	0.2
/index.php?produkti_po_cena=	0.2
/index.php?produkti_po_ime=	0.2
/servlet/com.jsbsoft.jtf.core.SG?CODE=	0.2
/login?redirect_uri=	0.2
/connexion?redirect_uri=	0.2
/index.php?action=	0.2
/plugins/actu/listing_actus-front.php?id_site=	0.2
/index.php?mebel_id=	0.2
/search/?search=	0.2
/news/class/index.php?myshownums=	0.2
/news/class/index.php?myord=	0.2
/search.html?searchScope=	0.1
/search?field%5B%5D=	0.1
/videos?tag=	0.1
/videos?place=	0.1
/videos?search=	0.1
/?email=	0.1
/?cat=	0.1
/content.php?expand=	0.1
/?page=	0.1
/search/?s=	0.1
/?keywords=	0.1
/search/?keyword=	0.1
/apps/email/index.jsp?n=	0.1
/?name=	0.1
/?sort=	0.1
/search?search=	0.1
/pro/minicalendar_print_setup.cfm?begindate=	0.1
/pro/minicalendar_print_setup.cfm?enddate=	0.1
/pro/minicalendar_print_setup.cfm?keywords=	0.1
/search-results?q=	0.1
/?listingtypeid=	0.1
/search?s=	0.1
/pro/minicalendar_print_setup.cfm?categoryid2=	0.1
/?bathrooms=	0.1
/?listingagent=	0.1
/?featuredsearchseourl=	0.1
/?squarefeet=	0.1
/?siteid=	0.1
/?bedrooms=	0.1
/?featuredsearch=	0.1
/?price=	0.1
/?maxbuilt=	0.1
/?lsid=	0.1
/?listingtypes=	0.1
/?garages=	0.1
/?maxprice=	0.1
/?minprice=	0.1
/?keywordsany=	0.1
/?yearbuilt=	0.1
/?minbuilt=	0.1
/?subdivision=	0.1
/?lotsizeval=	0.1
/?listingstatusid=	0.1
/?mls=	0.1
/firms/?text=	0.1
/servlet/com.jsbsoft.jtf.core.SG?OBJET=	0.1
/plan_du_site.php?lang=	0.1
/index.php?Itemid=	0.1
/?view=	0.1
/?t=	0.1
/?selat=	0.1
/?selong=	0.1
/?nwlat=	0.1
/?geo=	0.1

I hope you enjoy this :)

Reported Vulnerabilities

All Submissions VIP Submissions Featured Submissions

Domain	Reported	Status	Type
leadership.columbusstate.edu	31.10.2019	unpatched	Cross Site Scripting
verschoorwitgoed.nl	31.10.2019	unpatched	Cross Site Scripting
startupeuropesummit.com	31.10.2019	unpatched	Cross Site Scripting
sohirealty.com	31.10.2019	unpatched	Cross Site Scripting
schreinerei-schoenwaelder.de	31.10.2019	unpatched	Cross Site Scripting
pistahousenewyork.com	31.10.2019	unpatched	Cross Site Scripting
klothen-tiefbau.de	31.10.2019	unpatched	Cross Site Scripting
kingsgardenchicagoflorist.com	31.10.2019	unpatched	Cross Site Scripting
fts-tuning.de	31.10.2019	unpatched	Cross Site Scripting
echtours.com	31.10.2019	unpatched	Cross Site Scripting
dendekkerassurantien.nl	31.10.2019	unpatched	Cross Site Scripting
de-coda.de	31.10.2019	unpatched	Cross Site Scripting
avks.in	31.10.2019	unpatched	Cross Site Scripting
arbogaexpressbyra.se	31.10.2019	unpatched	Cross Site Scripting
alazzi.se	31.10.2019	unpatched	Cross Site Scripting
web02-1.nkv.se	31.10.2019	unpatched	Cross Site Scripting
panel.dpo.run	30.10.2019	unpatched	Cross Site Scripting
okiyoshimaru.com	30.10.2019	unpatched	Cross Site Scripting
mail.saramada.ir	30.10.2019	unpatched	Cross Site Scripting
mail.mylifestylediet.com	30.10.2019	unpatched	Cross Site Scripting

242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 ... 438 439 440 441

Twitter Login		HOW IT WORKS Download presentation and learn how our service works PDF, 1MB
Report a Vulnerability
Browse Bug Bounty Programs
Write a Blog Post
Ask a Question

Start a Bug Bounty		HOW IT WORKS Download presentation and learn how our service works PDF, 1MB
Ask a Question
API