Coordinated and Responsible Vulnerability Disclosure Free Bug Bounty Program 279,372 coordinated disclosures
160,305 fixed vulnerabilities
224,114 websites, 17,628 VIP websites
7,448 researchers, 6,915 subscribers

metamorfosec | Security Researcher Profile


Security researcher metamorfosec has already helped fix 394 vulnerabilities.



Researcher reputation:  130

Real name:
irfan

About me:
A boutique consultancy that provides assessment and consulting services for information security-related domain

How to contact me:
info[at]metamorfosec.com

Award / Bug Bounty I prefer:
Bug bounty payment via PayPal or Bank Transfer, a recommendation on my profile, and/or any interesting stuff or offer

Follow me on:
Twitter

Recommendations and Acknowledgements

    22 August, 2018
     wirthundhorn Support from dtv.de:
Thank you helping us finding and fixing vulnerabilities.
    22 August, 2018
     DanielGuenthe12 Daniel Guenther from Visual Meta GmbH:
Very fast response and very detailed and helpful reply. The observations were all correct and the the HTML which was provided in the response correctly illustrated the vulnerability.

Overall great job and thanks for your efforts!
    17 August, 2018
     tarif4you Alex from DAIR Media:
Thank you very much for a great and in-depth explanation of the issue.
This kind of description makes it very easy to identify and fix the
problem. Really appreciate your help.
    9 August, 2018
     kevinBaseCom Kevin from Online Commerce Ltd:
Thank you foro reporting a security issue with our website and for promptly providing the affected pages.
    26 July, 2018
     sgiannandrea2 sgiannandrea from LepidaSpA:
Thank you so much for reporting XSS vulnerabilities on our websites.
    23 June, 2018
     testmynet CA3LE from TestMy.net:
Thank you for helping me address my XSS issues.
    12 June, 2018
     willy0611 Willy from BOINCstats.com:
Thank you for pointing out a security issue on the BOINCstats website. It helped me find and fix the issue and a few other issues as well.
    8 June, 2018
     DriverEasy Driver Easy from Driver Easy:
Thank you so much for reporting the security issue and bringing this to our attention. We highly appreciate your time and professional skills in helping to make Driver Easy more secure.
We're working on the issue and will update with you when we fix it.
Thanks again for everything.
    28 May, 2018
     karriere_ms Sina from Aschendorff Medien GmbH & Co. KG:
Thank you for reporting a security vulnerability on our websites and for giving us the information needed in order to patch it. We really appreciate your help!

Please login via Twitter to add a recommendation

Awards and Achievements


Number of Secured Websites

10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN
1000+ Websites

Advanced Security Research

WAF Bypasser
CSRF Master
30+ Reports
AppSec Logic Master
30+ Reports
Fastest Fix
Fix in 24 hours

Outstanding Achievements

Secured OBB
OBB Advocate
Improved OBB

Commitment to Remediate and Patch

Patch Master
55% Patched
Patch Guru
65% Patched
Patch Lord
75% Patched

Recommendations and Recognition

REPUTABLE
10+ Recommends
FAMOUS
25+ Recommends
GLOBALLY TRUSTED
50+ Recommends

Research Statistics



Total reports:1230
Total reports on VIP sites:66
Total patched vulnerabilities:394
Total vulnerabilities on Hold (Open Bug Bounty):352
Recommendations received:9
Active since:30.04.2018

Open Bug Bounty Certificate



Reported Vulnerabilities

All Submissions VIP SubmissionsFeatured Submissions

Domain Reported Status Type
18.10.2018
On Hold
Cross Site Scripting
18.10.2018
On Hold
Cross Site Scripting
18.10.2018
On Hold
Cross Site Scripting
18.10.2018
On Hold
Cross Site Scripting
18.10.2018
On Hold
Cross Site Scripting
18.10.2018
On Hold
Cross Site Scripting
18.10.2018
On Hold
Cross Site Scripting
18.10.2018
On Hold
Cross Site Scripting
18.10.2018
On Hold
Cross Site Scripting
18.10.2018
On Hold
Cross Site Scripting
18.10.2018
On Hold
Cross Site Scripting
18.10.2018
On Hold
Cross Site Scripting
18.10.2018
On Hold
Cross Site Scripting
17.10.2018
On Hold
Cross Site Scripting
17.10.2018
On Hold
Cross Site Scripting
17.10.2018
On Hold
Cross Site Scripting
17.10.2018
On Hold
Cross Site Scripting
17.10.2018
On Hold
Cross Site Scripting
17.10.2018
On Hold
Cross Site Scripting
17.10.2018
On Hold
Cross Site Scripting

  Latest Patched

      flirt4free.com
    Patched on 18.10.2018
      ducksters.com
    Patched on 18.10.2018
      sandals.com
    Patched on 18.10.2018
      elcaribe.com.do
    Patched on 18.10.2018
      boattrader.com
    Patched on 18.10.2018
      g-star.com
    Patched on 18.10.2018
      addthis.com
    Patched on 17.10.2018
      elo7.com.br
    Patched on 17.10.2018
      engelvoelkers.com
    Patched on 17.10.2018
      iledefrance.fr
    Patched on 16.10.2018

  Recent Recommendations

    17 October, 2018
     aartvdwerf:
Helped me fix 2 xss vulnerabilities. Very quick response.
    17 October, 2018
     Paruzzi_webm:
He pointed out a problem which we then could fix. Thanks again for al your help.
    16 October, 2018
     euvtechnology:
Dear Taha, Thank you for reporting the XSS vulnerability you discovered on our website and helping us ensuring the security of our webservices.
    16 October, 2018
     euvtechnology:
Dear Cole, Thank you for reporting the XSS vulnerability you discovered on our website and helping us ensuring the security of our webservices.
    16 October, 2018
     euvtechnology:
Dear Ketan, Thank you for reporting the XSS vulnerability you discovered on our website and helping us ensuring the security of our webservices.