Infosec Institute

Open Bug Bounty mentioned in the
Top 6 Bug Bounty programs of
2022 by the InfoSec Institute

The Hacker News

Open Bug Bounty named among the
Top 5 Bug Bounty programs of 2021
by The Hacker News

For security researchers
Report a Vulnerability
Submit, help fixing, get kudos.
For website owners
Start a Bug Bounty
Run your bounty program for free.
1,773,374 coordinated disclosures
1,465,735 fixed vulnerabilities
2,083 bug bounty programs, 3,998 websites
56,383 researchers, 1,732 honor badges

tarun | Security Researcher Profile


Security researcher tarun has already helped fix 220 vulnerabilities.



Researcher reputation:  70

Real name:
tarun mahour

About me:
Ethical Hacker & Web Application Security Researcher

Note :- If You Fixed Your Website Vulnerability Please Don't Forget To Give Me Recommendations and Acknowledgements In My OpenBugBounty Profile

Contact email:
Email Address :- [email protected]

Second email address :- [email protected]

Facebook profile :- https://www.facebook.com/tarunhacks

Alternative Contacts:
paypal mail: [email protected]

Email:- [email protected]

Certifications & Diplomas:
Certified Ethical Hacker (CEH)

Experience in Application Security
3-5 years

Award / Bug Bounty I prefer:
Hall of Fame
Donations(PayPal)
T-shirt
recommendations
Public Recommendation
Public Thanks
Swags
Certificate
etc

Halls of Fame:
google.com
netgear.com
pinterest.com
Telekom.com
alienvault.com
optimizely.com
https://en.altervista.org/credits.php
https://bugbounty.att.com/hof.php
https://www.postnl.nl/en/responsible-disc

Follow me on:
Twitter
Facebook

Ethics and Rules:
tarun mahour is required to abide by the ethics and rules of the Open Bug Bounty project. If you reasonably believe that rules are not respected, please report this to us.

Recommendations and Acknowledgements

@spudstuff     24 July, 2018
    Twitter spudstuff Adam Nelson from Bauer Media:
Tarun is very professional and helpful. His research was exemplary and he comes highly recommended. Thanks Tarun!
@greatyouthgames     18 August, 2018
    Twitter greatyouthgames Joel from Youth Group Games:
Tarun is very professional and helpful. The security vulnerability he disclosed to us helped us ensure a safe and secure website for the future. Thanks!
@tranhdaquy01992     17 August, 2018
    Twitter tranhdaquy01992 Jackly from NextTech-WS:
Tarun helped us for securing the website! Thanks Tarun!
@Warin     25 June, 2018
    Twitter Warin Marin from ilooove.it:
Tarun helped us for securing the website!
@scottpants     19 June, 2018
    Twitter scottpants Scott from UHI:
Helpful, detailed information and very communicative!

Please login via Twitter to add a recommendation

Honor Badges


Number of Secured Websites

10+ Secured Websites Badge
50+ Secured Websites Badge
500+ Secured Websites Badge
Web Security Veteran Badge
10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN
1000+ Websites

Advanced Security Research

WAF Bypasser Badge
CSRF Master Badge
AppSec Logic Master Badge
Fastest Fix Badge
WAF Bypasser
CSRF Master
30+ Reports
AppSec Logic Master
30+ Reports
Fastest Fix
Fix in 24 hours

Outstanding Achievements

Secured OBB Badge
OBB Advocate Badge
Improved OBB Badge
Secured OBB
OBB Advocate
Improved OBB

Commitment to Remediate and Patch

Patch Master Badge
Patch Guru Badge
Patch Lord Badge
Patch Master
55% Patched
Patch Guru
65% Patched
Patch Lord
75% Patched

Recommendations and Recognition

REPUTABLE Badge
FAMOUS Badge
GLOBALLY TRUSTED Badge
REPUTABLE
10+ Recommends
FAMOUS
25+ Recommends
GLOBALLY TRUSTED
50+ Recommends

Distinguished Blog Author

Distinguished Blog Author Badge
Distinguished Blog Author Badge
Distinguished Blog Author Badge
1 Post
3 Posts
5+ Posts

Research Statistics



Total reports:530
Total reports on VIP sites:56
Total patched vulnerabilities:220
Recommendations received:5
Active since:05.11.2017

Open Bug Bounty Certificate


Researcher Certificate

Reported Vulnerabilities

All Submissions VIP SubmissionsFeatured Submissions




No posts in blog yet










  Latest Patched

 13.01.2025 prrmcp.edu.in
 13.01.2025 gdcknagaram.edu.in
 13.01.2025 secretariat.mmc.edu.tw
 11.01.2025 justice.gov.uk
 11.01.2025 angra.rj.gov.br
 10.01.2025 pequizeiro.to.gov.br
 10.01.2025 ias.gov.mo

  Latest Blog Posts

04.12.2023 by BAx99x
Unmasking the Power of Cross-Site Scripting (XSS): Types, Exploitation, Detection, and Tools
04.12.2023 by a13h1_
$1120: ATO Bug in Twitter’s
04.12.2023 by ClumsyLulz
How I found a Zero Day in W3 Schools
04.12.2023 by 24bkdoor
Hack the Web like a Pirate: Identifying Vulnerabilities with Style
04.12.2023 by 24bkdoor
Navigating the Bounty Seas with Open Bug Bounty

  Recent Recommendations

    20 December, 2024
    CygnusEd:
Thank you very much for your reporting a XSS vulnerability on my site.
Thanks also for the friendly communication!
Great job!
    10 December, 2024
    Sim:
Thank you for identifying an old development project. Information provided was clear allowing a swift removal of the offending code.
    10 December, 2024
    privacysafe:
Andrea is very professional and reported an issue responsibly and in a timely manner, with great communication about the scope and potential impact. Though it was a low-severity issue, this was nevertheless something in need of patching and we're always grateful at PrivacySafe to security researchers, especially hardworking volunteers like Andrea.
    9 December, 2024
    Spinner:
Reported an XSS vulnerability on our website, and provided enough details for us to fix it quickly. So helpful!!
    8 December, 2024
    Sim:
Many thanks for your reports highlighting a potential XSS bug where a validation step was out of sequence to the initial use.