Coordinated and Responsible Vulnerability Disclosure Free Bug Bounty Program 474,493 coordinated disclosures
255,346 fixed vulnerabilities
633 bug bounties with 1260 websites
12,953 researchers, 995 honor badges

devl00p Top Security Researcher of the Month Top VIP Security Researcher of the Month | Security Researcher Profile


Security researcher devl00p has already helped fix 592 vulnerabilities.



Researcher reputation:  130

Real name:
Nicolas Surribas

About me:
I'm a french security researcher.
I'm also the creator of Wapiti, the open-source web vulnerability scanner.

How to contact me:
nicolas.surribas 4t gmail d0t com

Experience in Application Security
over 5 years

Award / Bug Bounty I prefer:
Donations:
Paypal paypal.me/devl00p

Follow me on:
Twitter

Recommendations and Acknowledgements

    26 November, 2019
     adventurent_ Carlos from adventurent:
Nicolas made us aware of an XSS vulnerability on our site and let us know the issue really fast so we were able to fix it within a short time. Thanks a lot!
    21 November, 2019
     ponba25 Jayanta Biswas from INK Content, Inc.:
Thank you Nicolas for your research and reporting XSS vulnerability, we have fixed the issue according to your recommendation/research. Could you please check it once. Thanks
    11 November, 2019
     JosephA44367494 Joseph Anderson from Fashion Institute of Technology:
Special thanks to Nicolas for quickly helping us to patch a vulnerability on our site!
    23 October, 2019
     astroseekcom Petr9 from Astro-Seek.com:
Thank you for informing me about xss vulnerability.
    10 October, 2019
     jshrc Josh Rice from CCFL:
Nicolas was quick to let us know what the vulnerabilities were on our site. Thanks again!
    14 September, 2019
     dusalnet Almas from Dusal:
Thank you for research and reporting XSS vulnerability of my site.

Please login via Twitter to add a recommendation

Honor Badges


Number of Secured Websites

10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN
1000+ Websites

Advanced Security Research

WAF Bypasser
CSRF Master
30+ Reports
AppSec Logic Master
30+ Reports
Fastest Fix
Fix in 24 hours

Outstanding Achievements

Secured OBB
OBB Advocate
Improved OBB

Commitment to Remediate and Patch

Patch Master
55% Patched
Patch Guru
65% Patched
Patch Lord
75% Patched

Recommendations and Recognition

REPUTABLE
10+ Recommends
FAMOUS
25+ Recommends
GLOBALLY TRUSTED
50+ Recommends

Distinguished Blog Author

1 Post
3 Posts
5+ Posts

Research Statistics



Total reports:6959
Total reports on VIP sites:555
Total patched vulnerabilities:592
Total vulnerabilities on Hold (Open Bug Bounty):6415
Recommendations received:6
Active since:09.09.2019
Top Security Researcher Awards: Top Security Researcher of the Month
Top VIP Security Researcher Awards: Top VIP Security Researcher of the Month Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week

Open Bug Bounty Certificate





No posts in blog yet


Reported Vulnerabilities

All Submissions VIP SubmissionsFeatured Submissions

Domain Reported Status Type
14.10.2019
On Hold
Cross Site Scripting
14.10.2019
On Hold
Cross Site Scripting
14.10.2019
On Hold
Cross Site Scripting
14.10.2019
patched
Cross Site Scripting
14.10.2019
On Hold
Cross Site Scripting
14.10.2019
On Hold
Cross Site Scripting
14.10.2019
On Hold
Cross Site Scripting
14.10.2019
On Hold
Cross Site Scripting
14.10.2019
On Hold
Cross Site Scripting
14.10.2019
On Hold
Cross Site Scripting
14.10.2019
On Hold
Cross Site Scripting
14.10.2019
On Hold
Cross Site Scripting
14.10.2019
On Hold
Cross Site Scripting
14.10.2019
On Hold
Cross Site Scripting
14.10.2019
On Hold
Cross Site Scripting
14.10.2019
On Hold
Cross Site Scripting
14.10.2019
On Hold
Cross Site Scripting
14.10.2019
On Hold
Cross Site Scripting
14.10.2019
On Hold
Cross Site Scripting
14.10.2019
On Hold
Cross Site Scripting

  Latest Patched

 09.12.2019 gamepedia.jp
 09.12.2019 brickset.com
 09.12.2019 neuvoo.com
 08.12.2019 mega.cl
 08.12.2019 instahu.net
 08.12.2019 tools.wmflabs.org
 08.12.2019 vashdosug.ru
 08.12.2019 nkj.ru
 08.12.2019 pngtree.com
 08.12.2019 neuvoo.co.za

  Latest Blog Posts

30.11.2019 by IAMMUSTAFAQADRI
How to hack an app: 8 best practices for pen testing mobile apps
27.11.2019 by TahakhanTaha
Reflected xss in 360totalsecurity
21.11.2019 by TahakhanTaha
blind xss in apple
30.10.2019 by Nep_1337_1998
Denial of Service vulnerability in script-loader.php (CVE-2018-6389)
17.10.2019 by 0xrocky
Stored XSS

  Recent Recommendations

    6 December, 2019
     r0m01736939:
Thank you for your report. I was able to fix it quickly :)
    6 December, 2019
     Buchabstauber:
We would like to thank you for your valuable contribution in finding the XSS issue on our site! You have been very helpful!
    4 December, 2019
     fablabc:
Thanks for reporting a high risky issue to me. You are awesome
    4 December, 2019
     lbl_jd:
Gh05tPT found a XSS vulnerability on our site which I was able to fix quite quickly. Thanks for your help.
    4 December, 2019
     sanjurosaves:
Excellent discovery and discreet disclosure of an SQL injection vulnerability. Top tier security researcher.