Report Email Alerts Open Bug Bounty: 113176 coordinated disclosures
Full Disclosure: 32423 vulnerabilities
Total Vulnerabilities Fixed: 38023
120779 vulnerable websites, 12915 VIP websites
2950 security researchers, 3978 notification subscribers

eb | Security Researcher Profile

Security researcher eb has already helped fix 157 vulnerabilities.

How to contact me:
qna[at]protonmail[dot]com

Award / Bug Bounty I prefer:
Anything you wish to give me will motivate me in continuing to report bugs to various organizations. You can contact me direct on [email protected]

HOF
$$$

Halls of Fame:
25/04
ATT.com
BT.com
AOL.com
ESA.int
ADOBE.com
MICROSOFT.com
BATTLE.net
VODAFONE.com
SONY.com


and many more ;)


Statistics and Awards

Approved XSS vulnerabilities:642
Approved XSS vulnerabilities on VIP websites:22
Patched vulnerabilities:158
Verified vulnerabilities on Hold (Open Bug Bounty):66
Active since:25.04.2016

Recommendations and Acknowledgements

31 January, 2017
rdgourlay Rob Gourlay :

Many thanks for bringing this vulnerability to my attention and for providing clear and precise details of the problem. I really appreciate your assistance in retesting to make sure that I had resolved the issue.

8 December, 2016
BrandeisInfoSec John from Brandeis University:

Dan was very helpful and informative, and super quick to reply. His info helped us ID a server that needed to be retired. Thanks!

8 December, 2016
carldr Carl Drinkwater from 29degrees Limited:

Quick communication along with a clear and concise report of how to reproduce the vulnerability. Thank you Dan for helping to resolve it as quickly as we did.

7 December, 2016
geefgratis Jordan van Bergen from Stichting GeefGratis:

Dan gave us a simple way to reproduce the vulnerability by e-mail and we where able to fix this issue because we could explain this easy and straight forward to our development party. It was like forwarding an e-mail to get it fixed.

31 October, 2016
ISOatUO Jim Cheetham from University of Otago:

A good find in an obscure corner of our of our sites. Quickly communicated so we could fix the issue immediately. Many thanks.

25 July, 2016
escubaguru Daniel from eScuba Pty Ltd:

Totally responsive, very helpful - the best we've ever dealt with in the security space.

30 June, 2016
ribenaisgood Matt from A map company:

Dan gave us a simple way to reproduce the vulnerability and was quick to provide us with clear and detailed further information when we had questions about it.

23 June, 2016
kominbhai Komin Antony from InvestorWords:

Dan helped us find and provided the necessary details to fix the vulnerability on our website. It helped us to resolve the issue quickly and improved the overall security of our site.

8 June, 2016
ActOnSoftware Jahvita Rastafari from Act-On Software:

Thanks to Dan, we have been able to identify and fix a vulnerability. We thank you for working with us to get this issue resolved!

6 June, 2016
robferrer Rob Ferrer from Presto Classical Ltd:

Thank you very much for your responsible disclosure and professional response. I was able to patch the bug with little fuss.

Shows the first 10 recommendations. See all.

Please login via Twitter to add a recommendation


Reported Vulnerabilities

All Submissions VIP SubmissionsFeatured Submissions

Domain Reported Status Type
04.04.2017
On Hold
XSS  (Open Bug Bounty)
29.03.2017
On Hold
XSS  (Open Bug Bounty)
29.03.2017
On Hold
XSS  (Open Bug Bounty)
26.03.2017
On Hold
XSS  (Open Bug Bounty)
24.03.2017
On Hold
XSS  (Open Bug Bounty)
24.03.2017
On Hold
XSS  (Open Bug Bounty)
10.03.2017
On Hold
XSS  (Open Bug Bounty)
10.03.2017
On Hold
XSS  (Open Bug Bounty)
10.03.2017
On Hold
XSS  (Open Bug Bounty)
10.03.2017
On Hold
XSS  (Open Bug Bounty)
10.03.2017
On Hold
XSS  (Open Bug Bounty)
07.03.2017
On Hold
XSS  (Open Bug Bounty)
07.03.2017
On Hold
XSS  (Open Bug Bounty)
07.03.2017
On Hold
XSS  (Open Bug Bounty)
07.03.2017
On Hold
XSS  (Open Bug Bounty)
07.03.2017
On Hold
XSS  (Open Bug Bounty)
07.03.2017
On Hold
XSS  (Open Bug Bounty)
07.03.2017
On Hold
XSS  (Open Bug Bounty)
07.03.2017
On Hold
XSS  (Open Bug Bounty)
07.03.2017
On Hold
XSS  (Open Bug Bounty)

Latest VIP Submissions

casadellibro.com
Reported by Flekyy90 Approved XSS vulnerabilities: 31
Approved XSS vulnerabilities on VIP websites: 2
on 01.05.2017
toysrus.com
Reported by Liam_Somerville Twitter: @LiamMSomerville
Approved XSS vulnerabilities: 74
Approved XSS vulnerabilities on VIP websites: 3
on 30.04.2017
thesmartsearch.net
Reported by stacksmash3r Twitter: @stacksmash3r
Approved XSS vulnerabilities: 3
Approved XSS vulnerabilities on VIP websites: 1
on 30.04.2017
tagesspiegel.de
Reported by ThomySec Approved XSS vulnerabilities: 13
Approved XSS vulnerabilities on VIP websites: 7
on 30.04.2017
jiji.ng
Reported by shilewareeq Guest Researcher Profile on 30.04.2017
telenor.no
Reported by M0r3h4x Approved XSS vulnerabilities: 15
Approved XSS vulnerabilities on VIP websites: 2
on 30.04.2017
searchenginejournal.com
Reported by Omegaton Twitter: @Fabio_Rahamim
Approved XSS vulnerabilities: 10
Approved XSS vulnerabilities on VIP websites: 2
on 30.04.2017
ic.gc.ca
Reported by Random_Robbie Twitter: @Random_Robbie
Recommendations received: 12
Approved XSS vulnerabilities: 3213
Approved XSS vulnerabilities on VIP websites: 297
on 30.04.2017
milanoo.com
Reported by Random_Robbie Twitter: @Random_Robbie
Recommendations received: 12
Approved XSS vulnerabilities: 3213
Approved XSS vulnerabilities on VIP websites: 297
on 30.04.2017
buyincoins.com
Reported by Random_Robbie Twitter: @Random_Robbie
Recommendations received: 12
Approved XSS vulnerabilities: 3213
Approved XSS vulnerabilities on VIP websites: 297
on 30.04.2017

Latest Submissions

aleky.cz
Reported by OmniGooch Recommendations received: 3
Approved XSS vulnerabilities: 2880
Approved XSS vulnerabilities on VIP websites: 167
on 01.05.2017
fagsmut.net
Reported by OmniGooch Recommendations received: 3
Approved XSS vulnerabilities: 2880
Approved XSS vulnerabilities on VIP websites: 167
on 01.05.2017
nationalhomebrew.com.au
Reported by OmniGooch Recommendations received: 3
Approved XSS vulnerabilities: 2880
Approved XSS vulnerabilities on VIP websites: 167
on 01.05.2017
zanoonemardoone.ir
Reported by OmniGooch Recommendations received: 3
Approved XSS vulnerabilities: 2880
Approved XSS vulnerabilities on VIP websites: 167
on 01.05.2017
portpropmgt.com
Reported by OmniGooch Recommendations received: 3
Approved XSS vulnerabilities: 2880
Approved XSS vulnerabilities on VIP websites: 167
on 01.05.2017
nst1.capita.co.uk
Reported by Spam404 Twitter: @Spam404Online
Recommendations received: 62
Approved XSS vulnerabilities: 22268
Approved XSS vulnerabilities on VIP websites: 1562
on 01.05.2017
bikeleague.org
Reported by malwrforensics Approved XSS vulnerabilities: 44
Approved XSS vulnerabilities on VIP websites: 5
on 01.05.2017
uf.catalog.fcla.edu
Reported by stacksmash3r Twitter: @stacksmash3r
Approved XSS vulnerabilities: 3
Approved XSS vulnerabilities on VIP websites: 1
on 01.05.2017
e-rudy.com
Reported by malwrforensics Approved XSS vulnerabilities: 44
Approved XSS vulnerabilities on VIP websites: 5
on 01.05.2017
whistl.co.uk
Reported by Spam404 Twitter: @Spam404Online
Recommendations received: 62
Approved XSS vulnerabilities: 22268
Approved XSS vulnerabilities on VIP websites: 1562
on 01.05.2017