Report Email Alerts Open Bug Bounty: 96803 coordinated disclosures
Full Disclosure: 32119 vulnerabilities
Total Vulnerabilities Fixed: 33036
107326 vulnerable websites, 12158 VIP websites
2468 security researchers, 3433 notification subscribers

eb | Security Researcher Profile

Security researcher eb has already helped fix 143 vulnerabilities.

How to contact me:
qna[at]protonmail[dot]com

Award / Bug Bounty I prefer:
Anything you wish to give me will motivate me in continuing to report bugs to various organizations. You can contact me direct on [email protected]

HOF
$$$

Halls of Fame:
25/04
ATT.com
BT.com
AOL.com
ESA.int
ADOBE.com
MICROSOFT.com
BATTLE.net
VODAFONE.com
SONY.com


and many more ;)


Statistics and Awards

Approved XSS vulnerabilities:576
Approved XSS vulnerabilities on VIP websites:19
Patched vulnerabilities:144
Verified vulnerabilities on Hold (Open Bug Bounty):28
Active since:25.04.2016

Recommendations and Acknowledgements

8 December, 2016
BrandeisInfoSec John from Brandeis University:

Dan was very helpful and informative, and super quick to reply. His info helped us ID a server that needed to be retired. Thanks!

8 December, 2016
carldr Carl Drinkwater from 29degrees Limited:

Quick communication along with a clear and concise report of how to reproduce the vulnerability. Thank you Dan for helping to resolve it as quickly as we did.

7 December, 2016
geefgratis Jordan van Bergen from Stichting GeefGratis:

Dan gave us a simple way to reproduce the vulnerability by e-mail and we where able to fix this issue because we could explain this easy and straight forward to our development party. It was like forwarding an e-mail to get it fixed.

31 October, 2016
ISOatUO Jim Cheetham from University of Otago:

A good find in an obscure corner of our of our sites. Quickly communicated so we could fix the issue immediately. Many thanks.

25 July, 2016
escubaguru Daniel from eScuba Pty Ltd:

Totally responsive, very helpful - the best we've ever dealt with in the security space.

30 June, 2016
ribenaisgood Matt from A map company:

Dan gave us a simple way to reproduce the vulnerability and was quick to provide us with clear and detailed further information when we had questions about it.

23 June, 2016
kominbhai Komin Antony from InvestorWords:

Dan helped us find and provided the necessary details to fix the vulnerability on our website. It helped us to resolve the issue quickly and improved the overall security of our site.

8 June, 2016
ActOnSoftware Jahvita Rastafari from Act-On Software:

Thanks to Dan, we have been able to identify and fix a vulnerability. We thank you for working with us to get this issue resolved!

6 June, 2016
robferrer Rob Ferrer from Presto Classical Ltd:

Thank you very much for your responsible disclosure and professional response. I was able to patch the bug with little fuss.

4 May, 2016
cpweather Christian from MC:

Thanks! Very quick and efficient! You help to make a safer web.

Please login via Twitter to add a recommendation


Reported Vulnerabilities

All Submissions VIP SubmissionsFeatured Submissions

Domain Reported Status Type
20.01.2017
On Hold
XSS  (Open Bug Bounty)
20.01.2017
On Hold
XSS  (Open Bug Bounty)
16.01.2017
On Hold
XSS  (Open Bug Bounty)
15.01.2017
On Hold
XSS  (Open Bug Bounty)
15.01.2017
On Hold
XSS  (Open Bug Bounty)
14.01.2017
On Hold
XSS  (Open Bug Bounty)
06.12.2016
On Hold
XSS  (Open Bug Bounty)
05.12.2016
On Hold
XSS  (Open Bug Bounty)
05.12.2016
On Hold
XSS  (Open Bug Bounty)
05.12.2016
On Hold
XSS  (Open Bug Bounty)
05.12.2016
On Hold
XSS  (Open Bug Bounty)
04.12.2016
On Hold
XSS  (Open Bug Bounty)
04.12.2016
On Hold
XSS  (Open Bug Bounty)
03.12.2016
patched
XSS  (Full Disclosure)
03.12.2016
On Hold
XSS  (Open Bug Bounty)
03.12.2016
On Hold
XSS  (Open Bug Bounty)
03.12.2016
On Hold
XSS  (Open Bug Bounty)
03.12.2016
On Hold
XSS  (Open Bug Bounty)
02.12.2016
unpatched
XSS  (Full Disclosure)
26.11.2016
On Hold
XSS  (Open Bug Bounty)

Latest VIP Submissions

diez.hn
Reported by Gamliel_InfoSec Twitter: @Gamliel_InfoSec
Approved XSS vulnerabilities: 50
Approved XSS vulnerabilities on VIP websites: 14
on 24.01.2017
cbc.ca
Reported by Tacocat Twitter: @DaTacocat
Approved XSS vulnerabilities: 4
Approved XSS vulnerabilities on VIP websites: 2
on 23.01.2017
filehippo.com
Reported by whacky Twitter: @w_hacky
Recommendations received: 1
Approved XSS vulnerabilities: 434
Approved XSS vulnerabilities on VIP websites: 6
on 23.01.2017
inflibnet.ac.in
Reported by SonnySpooks Twitter: @SonnySpooks
Recommendations received: 1
Approved XSS vulnerabilities: 1191
Approved XSS vulnerabilities on VIP websites: 57
on 23.01.2017
ebi.ac.uk
Reported by SonnySpooks Twitter: @SonnySpooks
Recommendations received: 1
Approved XSS vulnerabilities: 1191
Approved XSS vulnerabilities on VIP websites: 57
on 23.01.2017
d-h.st
Reported by Random_Robbie Twitter: @Random_Robbie
Recommendations received: 7
Approved XSS vulnerabilities: 1065
Approved XSS vulnerabilities on VIP websites: 76
on 23.01.2017
nuvid.com
Reported by rj01 Twitter: @RoyJansen_01
Recommendations received: 2
Approved XSS vulnerabilities: 547
Approved XSS vulnerabilities on VIP websites: 107
on 23.01.2017
traidnt.net
Reported by codingplanets Twitter: @codingplanets
Approved XSS vulnerabilities: 66
Approved XSS vulnerabilities on VIP websites: 2
on 23.01.2017
bet.com
Reported by Xany Twitter: @Xanyrekt
Approved XSS vulnerabilities: 898
Approved XSS vulnerabilities on VIP websites: 102
on 23.01.2017
docslide.us
Reported by Xany Twitter: @Xanyrekt
Approved XSS vulnerabilities: 898
Approved XSS vulnerabilities on VIP websites: 102
on 23.01.2017

Latest Submissions

mypolkschools.net
Reported by Tacocat Twitter: @DaTacocat
Approved XSS vulnerabilities: 4
Approved XSS vulnerabilities on VIP websites: 2
on 23.01.2017
recipelion.com
Reported by RickChase Approved XSS vulnerabilities: 195
Approved XSS vulnerabilities on VIP websites: 8
on 23.01.2017
thestandard.com.hk
Reported by RickChase Approved XSS vulnerabilities: 195
Approved XSS vulnerabilities on VIP websites: 8
on 23.01.2017
uniobregon.com
Reported by RickChase Approved XSS vulnerabilities: 195
Approved XSS vulnerabilities on VIP websites: 8
on 23.01.2017
dol.deliver.ifeng.com
Reported by whacky Twitter: @w_hacky
Recommendations received: 1
Approved XSS vulnerabilities: 434
Approved XSS vulnerabilities on VIP websites: 6
on 23.01.2017
sz.house.ifeng.com
Reported by whacky Twitter: @w_hacky
Recommendations received: 1
Approved XSS vulnerabilities: 434
Approved XSS vulnerabilities on VIP websites: 6
on 23.01.2017
jn.house.ifeng.com
Reported by whacky Twitter: @w_hacky
Recommendations received: 1
Approved XSS vulnerabilities: 434
Approved XSS vulnerabilities on VIP websites: 6
on 23.01.2017
xa.house.ifeng.com
Reported by whacky Twitter: @w_hacky
Recommendations received: 1
Approved XSS vulnerabilities: 434
Approved XSS vulnerabilities on VIP websites: 6
on 23.01.2017
sh.house.ifeng.com
Reported by whacky Twitter: @w_hacky
Recommendations received: 1
Approved XSS vulnerabilities: 434
Approved XSS vulnerabilities on VIP websites: 6
on 23.01.2017
hz.house.ifeng.com
Reported by whacky Twitter: @w_hacky
Recommendations received: 1
Approved XSS vulnerabilities: 434
Approved XSS vulnerabilities on VIP websites: 6
on 23.01.2017