Report Email Alerts Open Bug Bounty: 106543 coordinated disclosures
Full Disclosure: 32293 vulnerabilities
Total Vulnerabilities Fixed: 36076
115641 vulnerable websites, 12580 VIP websites
2762 security researchers, 3854 notification subscribers

eb | Security Researcher Profile

Security researcher eb has already helped fix 151 vulnerabilities.

How to contact me:
qna[at]protonmail[dot]com

Award / Bug Bounty I prefer:
Anything you wish to give me will motivate me in continuing to report bugs to various organizations. You can contact me direct on [email protected]

HOF
$$$

Halls of Fame:
25/04
ATT.com
BT.com
AOL.com
ESA.int
ADOBE.com
MICROSOFT.com
BATTLE.net
VODAFONE.com
SONY.com


and many more ;)


Statistics and Awards

Approved XSS vulnerabilities:636
Approved XSS vulnerabilities on VIP websites:21
Patched vulnerabilities:152
Verified vulnerabilities on Hold (Open Bug Bounty):66
Active since:25.04.2016

Recommendations and Acknowledgements

31 January, 2017
rdgourlay Rob Gourlay :

Many thanks for bringing this vulnerability to my attention and for providing clear and precise details of the problem. I really appreciate your assistance in retesting to make sure that I had resolved the issue.

8 December, 2016
BrandeisInfoSec John from Brandeis University:

Dan was very helpful and informative, and super quick to reply. His info helped us ID a server that needed to be retired. Thanks!

8 December, 2016
carldr Carl Drinkwater from 29degrees Limited:

Quick communication along with a clear and concise report of how to reproduce the vulnerability. Thank you Dan for helping to resolve it as quickly as we did.

7 December, 2016
geefgratis Jordan van Bergen from Stichting GeefGratis:

Dan gave us a simple way to reproduce the vulnerability by e-mail and we where able to fix this issue because we could explain this easy and straight forward to our development party. It was like forwarding an e-mail to get it fixed.

31 October, 2016
ISOatUO Jim Cheetham from University of Otago:

A good find in an obscure corner of our of our sites. Quickly communicated so we could fix the issue immediately. Many thanks.

25 July, 2016
escubaguru Daniel from eScuba Pty Ltd:

Totally responsive, very helpful - the best we've ever dealt with in the security space.

30 June, 2016
ribenaisgood Matt from A map company:

Dan gave us a simple way to reproduce the vulnerability and was quick to provide us with clear and detailed further information when we had questions about it.

23 June, 2016
kominbhai Komin Antony from InvestorWords:

Dan helped us find and provided the necessary details to fix the vulnerability on our website. It helped us to resolve the issue quickly and improved the overall security of our site.

8 June, 2016
ActOnSoftware Jahvita Rastafari from Act-On Software:

Thanks to Dan, we have been able to identify and fix a vulnerability. We thank you for working with us to get this issue resolved!

6 June, 2016
robferrer Rob Ferrer from Presto Classical Ltd:

Thank you very much for your responsible disclosure and professional response. I was able to patch the bug with little fuss.

Shows the first 10 recommendations. See all.

Please login via Twitter to add a recommendation


Reported Vulnerabilities

All Submissions VIP SubmissionsFeatured Submissions

Domain Reported Status Type
10.03.2017
On Hold
XSS  (Open Bug Bounty)
10.03.2017
On Hold
XSS  (Open Bug Bounty)
10.03.2017
On Hold
XSS  (Open Bug Bounty)
10.03.2017
On Hold
XSS  (Open Bug Bounty)
10.03.2017
On Hold
XSS  (Open Bug Bounty)
07.03.2017
On Hold
XSS  (Open Bug Bounty)
07.03.2017
On Hold
XSS  (Open Bug Bounty)
07.03.2017
On Hold
XSS  (Open Bug Bounty)
07.03.2017
On Hold
XSS  (Open Bug Bounty)
07.03.2017
On Hold
XSS  (Open Bug Bounty)
07.03.2017
On Hold
XSS  (Open Bug Bounty)
07.03.2017
On Hold
XSS  (Open Bug Bounty)
07.03.2017
On Hold
XSS  (Open Bug Bounty)
07.03.2017
On Hold
XSS  (Open Bug Bounty)
07.03.2017
On Hold
XSS  (Open Bug Bounty)
07.03.2017
On Hold
XSS  (Open Bug Bounty)
07.03.2017
On Hold
XSS  (Open Bug Bounty)
07.03.2017
On Hold
XSS  (Open Bug Bounty)
07.03.2017
On Hold
XSS  (Open Bug Bounty)
05.03.2017
On Hold
XSS  (Open Bug Bounty)

Latest VIP Submissions

pornmd.com
Reported by iandioch Twitter: @iandioch
Recommendations received: 1
Approved XSS vulnerabilities: 1059
Approved XSS vulnerabilities on VIP websites: 133
on 23.03.2017
lachainemeteo.com
Reported by porthunter Twitter: @porthunter
Recommendations received: 1
Approved XSS vulnerabilities: 151
Approved XSS vulnerabilities on VIP websites: 30
on 23.03.2017
indonetwork.co.id
Reported by porthunter Twitter: @porthunter
Recommendations received: 1
Approved XSS vulnerabilities: 151
Approved XSS vulnerabilities on VIP websites: 30
on 23.03.2017
hdfilmesonlinegratis.net
Reported by porthunter Twitter: @porthunter
Recommendations received: 1
Approved XSS vulnerabilities: 151
Approved XSS vulnerabilities on VIP websites: 30
on 23.03.2017
sumra.net
Reported by porthunter Twitter: @porthunter
Recommendations received: 1
Approved XSS vulnerabilities: 151
Approved XSS vulnerabilities on VIP websites: 30
on 23.03.2017
torrentfunk.com
Reported by porthunter Twitter: @porthunter
Recommendations received: 1
Approved XSS vulnerabilities: 151
Approved XSS vulnerabilities on VIP websites: 30
on 23.03.2017
topky.sk
Reported by porthunter Twitter: @porthunter
Recommendations received: 1
Approved XSS vulnerabilities: 151
Approved XSS vulnerabilities on VIP websites: 30
on 23.03.2017
pagseguro.uol.com.br
Reported by porthunter Twitter: @porthunter
Recommendations received: 1
Approved XSS vulnerabilities: 151
Approved XSS vulnerabilities on VIP websites: 30
on 23.03.2017
litres.ru
Reported by porthunter Twitter: @porthunter
Recommendations received: 1
Approved XSS vulnerabilities: 151
Approved XSS vulnerabilities on VIP websites: 30
on 22.03.2017
linkwithin.com
Reported by porthunter Twitter: @porthunter
Recommendations received: 1
Approved XSS vulnerabilities: 151
Approved XSS vulnerabilities on VIP websites: 30
on 22.03.2017

Latest Submissions

coinshome.net
Reported by OmniGooch Recommendations received: 2
Approved XSS vulnerabilities: 2530
Approved XSS vulnerabilities on VIP websites: 145
on 23.03.2017
secure.ero-video.net
Reported by porthunter Twitter: @porthunter
Recommendations received: 1
Approved XSS vulnerabilities: 151
Approved XSS vulnerabilities on VIP websites: 30
on 22.03.2017
login.ig.com.br
Reported by porthunter Twitter: @porthunter
Recommendations received: 1
Approved XSS vulnerabilities: 151
Approved XSS vulnerabilities on VIP websites: 30
on 22.03.2017
rotta8veiculos.com.br
Reported by iwoodythecowboy Twitter: @hackerous
Recommendations received: 8
Approved XSS vulnerabilities: 895
Approved XSS vulnerabilities on VIP websites: 21
on 22.03.2017
rietveldacademie.nl
Reported by HK9 Twitter: @_HK9_
Approved XSS vulnerabilities: 493
Approved XSS vulnerabilities on VIP websites: 11
on 22.03.2017
itutils.hanover.edu
Reported by DrStache Twitter: @DrStache_
Recommendations received: 27
Approved XSS vulnerabilities: 4530
Approved XSS vulnerabilities on VIP websites: 204
on 22.03.2017
vault.hanover.edu
Reported by DrStache Twitter: @DrStache_
Recommendations received: 27
Approved XSS vulnerabilities: 4530
Approved XSS vulnerabilities on VIP websites: 204
on 22.03.2017
exam.hanover.edu
Reported by DrStache Twitter: @DrStache_
Recommendations received: 27
Approved XSS vulnerabilities: 4530
Approved XSS vulnerabilities on VIP websites: 204
on 22.03.2017
hho-plus.com
Reported by DrStache Twitter: @DrStache_
Recommendations received: 27
Approved XSS vulnerabilities: 4530
Approved XSS vulnerabilities on VIP websites: 204
on 22.03.2017
maayanot.org
Reported by DrStache Twitter: @DrStache_
Recommendations received: 27
Approved XSS vulnerabilities: 4530
Approved XSS vulnerabilities on VIP websites: 204
on 22.03.2017