febin_rev | Security Researcher Profile
Security researcher febin_rev has already helped fix 24 vulnerabilities.
Researcher reputation: 130
Real name:
Febin
About me:
Passionate hacker, security researcher and a bug hunter. Working hard for knowledge and to improve myself.
PayPal : paypal.me/febinrev
[email protected]
Contact email:
E-mail: [email protected]
Phone: 91 8270920043
Alternative Contacts:
[email protected]
twitter.com/febinrev
Certifications & Diplomas:
Fortinet NSE 1, 2
CyberArk Trustee
Networking
Linux administration
CNSS
Autopsy forensics
Experience in Application Security
1-3 years
Award / Bug Bounty I prefer:
Money, accessories, thanks, recommendation. Anything you like to gift me for my responsible report.
PayPal : paypal.me/febinrev
Halls of Fame:
bugcrowd.com/fitbit/hall-of-fame
bugcrowd.com/indeed/hall-of-fame
litmind.com/bughunters
Nokia HOF : https://www.nokia.com/notices/responsible-disclosure/
Recommendations and Acknowledgements


Thank you Febin for your clear and concise report and proof of concept that allowed us to close an SSRF to internal port scanning issue in one of our services.


Febin has found many bugs in our site and helped us solve them by providing comprehensive proof of concept, screenshots and details. He earned a place of honor in our bug hunters hall of fame: https://www.litmind.com/bughunters


Febin has found a bunch of vulnerabilities related to the lack of CSRF request authentication. Thanks to his reports our site is now more secure! Thank you!


Febin discovered that our security.txt wasn't configured correctly and pointed to an outdated page. He provided a quick message, showed the issue. Thank you! https://sportsa.com


Thanks for finding and reporting a business logic issue of our service.


Thanks febin_rev for your kind report! You've discovered a CSRF vulnerability in our site, and we've been able to solve it thanks to your help. So grateful, cheers!
Honor Badges
Number of Secured Websites
10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN (1000+ Websites)
Advanced Security Research
WAF Bypasser
CSRF Master (30+ Reports)
AppSec Logic Master (30+ Reports)
Fastest Fix (Fix in 24 hours)
Outstanding Achievements
Secured OBB
OBB Advocate
Improved OBB
Commitment to Remediate and Patch
Patch Master (55% Patched)
Patch Guru (65% Patched)
Patch Lord (75% Patched)
Recommendations and Recognition
REPUTABLE (10+ Recommends)
FAMOUS (25+ Recommends)
GLOBALLY TRUSTED (50+ Recommends)
Distinguished Blog Author
1 Post
3 Posts
5+ Posts
Research Statistics
Total reports: 97
Total reports on VIP sites: 17
Total patched vulnerabilities: 24
Recommendations received: 7
Active since: 29.06.2020
CloudMe 1.11.2 Buffer Overflow - Exploit Development.

Hi,
This is Febin,
Twitter: febinrev
In this post, I am gonna demonstrate a Windows stack buffer overflow and exploit development in CloudMe 1.11.2.
CloudMe is a cloud storage service. This buffer overflow vulnerability was patched and the exploit was released publicly in 2018 (CVE-2018-6892).
This is a Local Privilege Escalation vulnerability.
This demo will help guys who are preparing for OSCP or equivalent certifications and also help guys (like me!) who wanna learn advanced hacking and exploit development. There are some executables/apps like "vulnserver" that are intentionally built to be vulnerable for educational purposes, but this is a real-life application. So, basically we are developing a real exploit and attacking a real app.
Let's go!
14.09.2020 How to find valid and impactful CSRFs