Coordinated and Responsible Vulnerability Disclosure Free Bug Bounty Program 296,615 coordinated disclosures
175,661 fixed vulnerabilities
237,188 websites, 17,842 VIP websites
8,008 researchers, 6,915 subscribers

metamorfosec | Security Researcher Profile


Security researcher metamorfosec has already helped fix 502 vulnerabilities.



Researcher reputation:  140

Real name:
irfan

About me:
A boutique consultancy that provides assessment and consulting services for information security-related domain

How to contact me:
info[at]metamorfosec.com

Key ID (valid until December 31, 2019):
B4E3D326F01182E3

Award / Bug Bounty I prefer:
Bug bounty payment via PayPal or Bank Transfer, a recommendation on my profile, and/or any interesting stuff or offer

Follow me on:
Twitter

Recommendations and Acknowledgements

    25 October, 2018
     jackwolfskin Christine from Jack Wolfskin:
Thank you very much for helping to make our website even more secure.
    22 August, 2018
     wirthundhorn Support from dtv.de:
Thank you helping us finding and fixing vulnerabilities.
    22 August, 2018
     DanielGuenthe12 Daniel Guenther from Visual Meta GmbH:
Very fast response and very detailed and helpful reply. The observations were all correct and the the HTML which was provided in the response correctly illustrated the vulnerability.

Overall great job and thanks for your efforts!
    17 August, 2018
     tarif4you Alex from DAIR Media:
Thank you very much for a great and in-depth explanation of the issue.
This kind of description makes it very easy to identify and fix the
problem. Really appreciate your help.
    9 August, 2018
     kevinBaseCom Kevin from Online Commerce Ltd:
Thank you foro reporting a security issue with our website and for promptly providing the affected pages.
    26 July, 2018
     sgiannandrea2 sgiannandrea from LepidaSpA:
Thank you so much for reporting XSS vulnerabilities on our websites.
    23 June, 2018
     testmynet CA3LE from TestMy.net:
Thank you for helping me address my XSS issues.
    12 June, 2018
     willy0611 Willy from BOINCstats.com:
Thank you for pointing out a security issue on the BOINCstats website. It helped me find and fix the issue and a few other issues as well.
    8 June, 2018
     DriverEasy Driver Easy from Driver Easy:
Thank you so much for reporting the security issue and bringing this to our attention. We highly appreciate your time and professional skills in helping to make Driver Easy more secure.
We're working on the issue and will update with you when we fix it.
Thanks again for everything.
    28 May, 2018
     karriere_ms Sina from Aschendorff Medien GmbH & Co. KG:
Thank you for reporting a security vulnerability on our websites and for giving us the information needed in order to patch it. We really appreciate your help!

Please login via Twitter to add a recommendation

Awards and Achievements


Number of Secured Websites

10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN
1000+ Websites

Advanced Security Research

WAF Bypasser
CSRF Master
30+ Reports
AppSec Logic Master
30+ Reports
Fastest Fix
Fix in 24 hours

Outstanding Achievements

Secured OBB
OBB Advocate
Improved OBB

Commitment to Remediate and Patch

Patch Master
55% Patched
Patch Guru
65% Patched
Patch Lord
75% Patched

Recommendations and Recognition

REPUTABLE
10+ Recommends
FAMOUS
25+ Recommends
GLOBALLY TRUSTED
50+ Recommends

Research Statistics



Total reports:1435
Total reports on VIP sites:68
Total patched vulnerabilities:502
Total vulnerabilities on Hold (Open Bug Bounty):375
Recommendations received:10
Active since:30.04.2018

Open Bug Bounty Certificate



Reported Vulnerabilities

All Submissions VIP SubmissionsFeatured Submissions

Domain Reported Status Type
09.12.2018
On Hold
Cross Site Scripting
09.12.2018
On Hold
Cross Site Scripting
09.12.2018
On Hold
Cross Site Scripting
09.12.2018
On Hold
Cross Site Scripting
08.12.2018
On Hold
Cross Site Scripting
06.12.2018
On Hold
Cross Site Scripting
05.12.2018
On Hold
Cross Site Scripting
04.12.2018
On Hold
Cross Site Scripting
04.12.2018
On Hold
Cross Site Scripting
04.12.2018
On Hold
Cross Site Scripting
04.12.2018
On Hold
Cross Site Scripting
04.12.2018
On Hold
Cross Site Scripting
02.12.2018
On Hold
Cross Site Scripting
02.12.2018
On Hold
Cross Site Scripting
02.12.2018
On Hold
Cross Site Scripting
02.12.2018
On Hold
Cross Site Scripting
02.12.2018
On Hold
Cross Site Scripting
01.12.2018
On Hold
Cross Site Scripting
01.12.2018
On Hold
Cross Site Scripting
01.12.2018
On Hold
Cross Site Scripting

  Latest Patched

      rabota.ua
    Patched on 10.12.2018
      casetify.com
    Patched on 10.12.2018
      pagalworld.org
    Patched on 10.12.2018
      bn.com.pe
    Patched on 09.12.2018
      kcentr.ru
    Patched on 09.12.2018
      atlantico.fr
    Patched on 09.12.2018
      download-plaza.com
    Patched on 08.12.2018
      zakupka.com
    Patched on 08.12.2018
      bubble.is
    Patched on 08.12.2018
      acer.com
    Patched on 07.12.2018

  Recent Recommendations

    7 December, 2018
     idmocanu:
Thank you for helping us to discover the XSS vulnerabilities on our sites. Because of you we managed to improve our security.
    7 December, 2018
     PhilippeMachler:
Thank you very much for your report and your help.
We highly appreciate this.
    7 December, 2018
     jcopley:
Sajid promptly helped me identify several vulnerabilities which have been patched. Thanks and well done!
    7 December, 2018
     jcopley:
Very helpful and responsive, helped my identify and patch several XSS vulnerabilities.
    7 December, 2018
     jcopley:
Thank you for promptly helping me identify security vulnerabilities on my web site. They have been patched.