Report Email Alerts Open Bug Bounty: 102541 coordinated disclosures
Full Disclosure: 32227 vulnerabilities
Total Vulnerabilities Fixed: 34664
112189 vulnerable websites, 12405 VIP websites
2641 security researchers, 3734 notification subscribers

eb | Security Researcher Profile

Security researcher eb has already helped fix 146 vulnerabilities.

How to contact me:
qna[at]protonmail[dot]com

Award / Bug Bounty I prefer:
Anything you wish to give me will motivate me in continuing to report bugs to various organizations. You can contact me direct on qna@protonmail.com.

HOF
$$$

Halls of Fame:
25/04
ATT.com
BT.com
AOL.com
ESA.int
ADOBE.com
MICROSOFT.com
BATTLE.net
VODAFONE.com
SONY.com


and many more ;)


Statistics and Awards

Approved XSS vulnerabilities:613
Approved XSS vulnerabilities on VIP websites:19
Patched vulnerabilities:147
Verified vulnerabilities on Hold (Open Bug Bounty):50
Active since:25.04.2016

Recommendations and Acknowledgements

31 January, 2017
rdgourlay Rob Gourlay :

Many thanks for bringing this vulnerability to my attention and for providing clear and precise details of the problem. I really appreciate your assistance in retesting to make sure that I had resolved the issue.

8 December, 2016
BrandeisInfoSec John from Brandeis University:

Dan was very helpful and informative, and super quick to reply. His info helped us ID a server that needed to be retired. Thanks!

8 December, 2016
carldr Carl Drinkwater from 29degrees Limited:

Quick communication along with a clear and concise report of how to reproduce the vulnerability. Thank you Dan for helping to resolve it as quickly as we did.

7 December, 2016
geefgratis Jordan van Bergen from Stichting GeefGratis:

Dan gave us a simple way to reproduce the vulnerability by e-mail and we where able to fix this issue because we could explain this easy and straight forward to our development party. It was like forwarding an e-mail to get it fixed.

31 October, 2016
ISOatUO Jim Cheetham from University of Otago:

A good find in an obscure corner of our of our sites. Quickly communicated so we could fix the issue immediately. Many thanks.

25 July, 2016
escubaguru Daniel from eScuba Pty Ltd:

Totally responsive, very helpful - the best we've ever dealt with in the security space.

30 June, 2016
ribenaisgood Matt from A map company:

Dan gave us a simple way to reproduce the vulnerability and was quick to provide us with clear and detailed further information when we had questions about it.

23 June, 2016
kominbhai Komin Antony from InvestorWords:

Dan helped us find and provided the necessary details to fix the vulnerability on our website. It helped us to resolve the issue quickly and improved the overall security of our site.

8 June, 2016
ActOnSoftware Jahvita Rastafari from Act-On Software:

Thanks to Dan, we have been able to identify and fix a vulnerability. We thank you for working with us to get this issue resolved!

6 June, 2016
robferrer Rob Ferrer from Presto Classical Ltd:

Thank you very much for your responsible disclosure and professional response. I was able to patch the bug with little fuss.

Shows the first 10 recommendations. See all.

Please login via Twitter to add a recommendation


Reported Vulnerabilities

All Submissions VIP SubmissionsFeatured Submissions

Domain Reported Status Type
11.02.2017
On Hold
XSS  (Open Bug Bounty)
11.02.2017
On Hold
XSS  (Open Bug Bounty)
11.02.2017
On Hold
XSS  (Open Bug Bounty)
11.02.2017
On Hold
XSS  (Open Bug Bounty)
11.02.2017
On Hold
XSS  (Open Bug Bounty)
11.02.2017
On Hold
XSS  (Open Bug Bounty)
11.02.2017
On Hold
XSS  (Open Bug Bounty)
11.02.2017
On Hold
XSS  (Open Bug Bounty)
11.02.2017
On Hold
XSS  (Open Bug Bounty)
11.02.2017
On Hold
XSS  (Open Bug Bounty)
11.02.2017
On Hold
XSS  (Open Bug Bounty)
11.02.2017
On Hold
XSS  (Open Bug Bounty)
11.02.2017
On Hold
XSS  (Open Bug Bounty)
11.02.2017
On Hold
XSS  (Open Bug Bounty)
11.02.2017
On Hold
XSS  (Open Bug Bounty)
11.02.2017
On Hold
XSS  (Open Bug Bounty)
11.02.2017
On Hold
XSS  (Open Bug Bounty)
11.02.2017
On Hold
XSS  (Open Bug Bounty)
11.02.2017
On Hold
XSS  (Open Bug Bounty)
11.02.2017
On Hold
XSS  (Open Bug Bounty)

Latest VIP Submissions

sexlew.net
Reported by rj01 Twitter: @RoyJansen_01
Recommendations received: 3
Approved XSS vulnerabilities: 844
Approved XSS vulnerabilities on VIP websites: 133
on 26.02.2017
charkhan.com
Reported by OmniGooch Recommendations received: 2
Approved XSS vulnerabilities: 2340
Approved XSS vulnerabilities on VIP websites: 128
on 26.02.2017
videosz.com
Reported by rj01 Twitter: @RoyJansen_01
Recommendations received: 3
Approved XSS vulnerabilities: 844
Approved XSS vulnerabilities on VIP websites: 133
on 25.02.2017
digitalplayground.com
Reported by rj01 Twitter: @RoyJansen_01
Recommendations received: 3
Approved XSS vulnerabilities: 844
Approved XSS vulnerabilities on VIP websites: 133
on 25.02.2017
e-lyco.fr
Reported by DrStache Twitter: @DrStache_
Recommendations received: 24
Approved XSS vulnerabilities: 3881
Approved XSS vulnerabilities on VIP websites: 147
on 25.02.2017
newsweek.pl
Reported by DonkeyJJLove Twitter: @DonkeyJJLove
Recommendations received: 9
Approved XSS vulnerabilities: 896
Approved XSS vulnerabilities on VIP websites: 265
on 25.02.2017
suara.com
Reported by Rungga Twitter: @rungga_reksya
Approved XSS vulnerabilities: 383
Approved XSS vulnerabilities on VIP websites: 23
on 24.02.2017
aqua.hu
Reported by RickChase Approved XSS vulnerabilities: 214
Approved XSS vulnerabilities on VIP websites: 9
on 24.02.2017
telestar.fr
Reported by DrStache Twitter: @DrStache_
Recommendations received: 24
Approved XSS vulnerabilities: 3881
Approved XSS vulnerabilities on VIP websites: 147
on 24.02.2017
football365.fr
Reported by DrStache Twitter: @DrStache_
Recommendations received: 24
Approved XSS vulnerabilities: 3881
Approved XSS vulnerabilities on VIP websites: 147
on 24.02.2017

Latest Submissions

asianamericantgirls.com
Reported by rj01 Twitter: @RoyJansen_01
Recommendations received: 3
Approved XSS vulnerabilities: 844
Approved XSS vulnerabilities on VIP websites: 133
on 26.02.2017
arabianchicks.com
Reported by rj01 Twitter: @RoyJansen_01
Recommendations received: 3
Approved XSS vulnerabilities: 844
Approved XSS vulnerabilities on VIP websites: 133
on 26.02.2017
blackgfsex.com
Reported by rj01 Twitter: @RoyJansen_01
Recommendations received: 3
Approved XSS vulnerabilities: 844
Approved XSS vulnerabilities on VIP websites: 133
on 26.02.2017
roundandbrown.com
Reported by rj01 Twitter: @RoyJansen_01
Recommendations received: 3
Approved XSS vulnerabilities: 844
Approved XSS vulnerabilities on VIP websites: 133
on 26.02.2017
badtowtruck.com
Reported by rj01 Twitter: @RoyJansen_01
Recommendations received: 3
Approved XSS vulnerabilities: 844
Approved XSS vulnerabilities on VIP websites: 133
on 26.02.2017
primecups.com
Reported by rj01 Twitter: @RoyJansen_01
Recommendations received: 3
Approved XSS vulnerabilities: 844
Approved XSS vulnerabilities on VIP websites: 133
on 26.02.2017
spizoo.com
Reported by rj01 Twitter: @RoyJansen_01
Recommendations received: 3
Approved XSS vulnerabilities: 844
Approved XSS vulnerabilities on VIP websites: 133
on 26.02.2017
es.wowcardmarket.eu
Reported by pabloskimaster Guest Researcher Profile on 26.02.2017
phalogenics.com
Reported by rj01 Twitter: @RoyJansen_01
Recommendations received: 3
Approved XSS vulnerabilities: 844
Approved XSS vulnerabilities on VIP websites: 133
on 26.02.2017
m.porn555.com
Reported by rj01 Twitter: @RoyJansen_01
Recommendations received: 3
Approved XSS vulnerabilities: 844
Approved XSS vulnerabilities on VIP websites: 133
on 26.02.2017