Report Email Alerts Open Bug Bounty: 136,256 coordinated disclosures
Full Disclosure: 32,606 vulnerabilities
Total Vulnerabilities Fixed: 41,355
138,737 vulnerable websites, 14,971 VIP websites
3,346 security researchers, 4,370 notification subscribers

tbm Top Security Researcher of the Month Top VIP Security Researcher of the Month | Security Researcher Profile

Security researcher tbm has already helped fix 1128 vulnerabilities.

Follow me on:
Twitter

About me:
I try to make companies heads up and aware of their security vulnerabilities just by checking XSS not to hurt them. Because XSS doesn't hurt!

How to contact me:
[email protected]

Award / Bug Bounty I prefer:
Bug Bounty Payment, If you don't want to send me some, than you can just say thanks!

Halls of Fame:
Sony / Issuu / Aol / Redhat / Microsoft / Oracle / Paypal / Adobe / Olx / Checkpoint / Twitter and Atlassian!


Research Statistics



Approved XSS vulnerabilities:2671
Approved XSS vulnerabilities on VIP websites:1248
Patched vulnerabilities:1128
Verified vulnerabilities on Hold (Open Bug Bounty):107
Active since:03.04.2015
Top Security Researcher Awards: Top Security Researcher of the Month
Top VIP Security Researcher Awards: Top VIP Security Researcher of the Month Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week

Awards and Achievements

Advanced Research and Outstanding Achievements

WAF Bypasser
Secured OBB
Bug Bounty Lord
Coordinated Disclosure
Fastest Fix
Fix in 24 hours

Number of Secured Websites

10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN
1000+ Websites

Commitment to Responsible Disclosure

Patch Master
70% Patched
Patch Guru
80% Patched
Patch Lord
90% Patched

Recommendations and Recognition

REPUTABLE
30+ Recommends
FAMOUS
50+ Recommends
GLOBALLY TRUSTED
100+ Recommends

CSRF Craftsmanship

CSRF Pro
10+ Reports
CSRF Master
50+ Reports
CSRF Guru
100+ Reports

Application Logic Craftsmanship

AppSec Logic Pro
10+ Reports
AppSec Logic Master
50+ Reports
AppSec Logic Guru
100+ Reports

VIP Submissions

MADE WEB SAFER
250+ VIPs
SECURITY EVANGELIST
500+ VIPs

Quantity of Reports

10+ Reports
50+ Reports
500+ Reports
CYBERLORD
1000+ Reports

Recommendations and Acknowledgements

7 October, 2016
antonio_farina Antonio from translated.net:

Thank you tbmnull for reporting the XSS vulnerability found on translated.net website.
The details you provided helped to fix the issue immediately.

Great work.

5 October, 2016
jonny_caos Jonathan from Wine-Searcher:

Thank you tbmnull for finding the XSS vulnerability on wine-searcher. You responded quickly and with detail to enable us to fix the issue promptly. Keep up the good work!

Please login via Twitter to add a recommendation


Reported Vulnerabilities

All Submissions VIP SubmissionsFeatured Submissions

Domain Reported Status Type
02.07.2017
On Hold
XSS  (Open Bug Bounty)
30.06.2017
On Hold
XSS  (Open Bug Bounty)
30.06.2017
On Hold
XSS  (Open Bug Bounty)
30.06.2017
On Hold
XSS  (Open Bug Bounty)
30.06.2017
On Hold
XSS  (Open Bug Bounty)
28.06.2017
On Hold
XSS  (Open Bug Bounty)
27.06.2017
On Hold
XSS  (Open Bug Bounty)
26.06.2017
On Hold
XSS  (Open Bug Bounty)
26.06.2017
On Hold
XSS  (Open Bug Bounty)
17.06.2017
On Hold
XSS  (Open Bug Bounty)
17.06.2017
On Hold
XSS  (Open Bug Bounty)
17.06.2017
On Hold
XSS  (Open Bug Bounty)
17.06.2017
On Hold
XSS  (Open Bug Bounty)
17.06.2017
On Hold
XSS  (Open Bug Bounty)
17.06.2017
On Hold
XSS  (Open Bug Bounty)
22.05.2017
On Hold
XSS  (Open Bug Bounty)
18.05.2017
patched
XSS  (Open Bug Bounty)
18.05.2017
patched
XSS  (Open Bug Bounty)
04.05.2017
patched
XSS  (Open Bug Bounty)
12.04.2017
unpatched
XSS  (Open Bug Bounty)


LATEST VIP SUBMISSIONS

newsmemory.com
Reported by npuser500 Badges received: 9
Recommendations received: 9
Approved XSS vulnerabilities: 1476
Approved XSS vulnerabilities on VIP websites: 238
on 20.07.2017
drivy.com
Reported by hackdemonium Twitter: @hackdemonium
Badges received: 10
Recommendations received: 7
Approved XSS vulnerabilities: 1326
Approved XSS vulnerabilities on VIP websites: 646
on 20.07.2017
brabys.com
Reported by hackdemonium Twitter: @hackdemonium
Badges received: 10
Recommendations received: 7
Approved XSS vulnerabilities: 1326
Approved XSS vulnerabilities on VIP websites: 646
on 20.07.2017
momentodonna.it
Reported by hackdemonium Twitter: @hackdemonium
Badges received: 10
Recommendations received: 7
Approved XSS vulnerabilities: 1326
Approved XSS vulnerabilities on VIP websites: 646
on 20.07.2017
junpin360.com
Reported by hackdemonium Twitter: @hackdemonium
Badges received: 10
Recommendations received: 7
Approved XSS vulnerabilities: 1326
Approved XSS vulnerabilities on VIP websites: 646
on 20.07.2017
haozu.com
Reported by hackdemonium Twitter: @hackdemonium
Badges received: 10
Recommendations received: 7
Approved XSS vulnerabilities: 1326
Approved XSS vulnerabilities on VIP websites: 646
on 20.07.2017
unipa.it
Reported by hackdemonium Twitter: @hackdemonium
Badges received: 10
Recommendations received: 7
Approved XSS vulnerabilities: 1326
Approved XSS vulnerabilities on VIP websites: 646
on 20.07.2017
volantinofacile.it
Reported by hackdemonium Twitter: @hackdemonium
Badges received: 10
Recommendations received: 7
Approved XSS vulnerabilities: 1326
Approved XSS vulnerabilities on VIP websites: 646
on 20.07.2017
m.rssing.com
Reported by rj01 Twitter: @RoyJansen_01
Badges received: 8
Recommendations received: 11
Approved XSS vulnerabilities: 1508
Approved XSS vulnerabilities on VIP websites: 293
on 20.07.2017
mobile.rssing.com
Reported by rj01 Twitter: @RoyJansen_01
Badges received: 8
Recommendations received: 11
Approved XSS vulnerabilities: 1508
Approved XSS vulnerabilities on VIP websites: 293
on 20.07.2017



LATEST SUBMISSIONS

odivelas.com
Reported by MiguelSantareno Badges received: 4
Recommendations received: 3
Approved XSS vulnerabilities: 291
Approved XSS vulnerabilities on VIP websites: 57
on 20.07.2017
lojamusica.com
Reported by MiguelSantareno Badges received: 4
Recommendations received: 3
Approved XSS vulnerabilities: 291
Approved XSS vulnerabilities on VIP websites: 57
on 20.07.2017
usato.it
Reported by hackdemonium Twitter: @hackdemonium
Badges received: 10
Recommendations received: 7
Approved XSS vulnerabilities: 1326
Approved XSS vulnerabilities on VIP websites: 646
on 20.07.2017
eedition.telegram.com
Reported by npuser500 Badges received: 9
Recommendations received: 9
Approved XSS vulnerabilities: 1476
Approved XSS vulnerabilities on VIP websites: 238
on 20.07.2017
gainesvillesun.fl.newsmemory.com
Reported by npuser500 Badges received: 9
Recommendations received: 9
Approved XSS vulnerabilities: 1476
Approved XSS vulnerabilities on VIP websites: 238
on 20.07.2017
store.shoplo.com
Reported by hackdemonium Twitter: @hackdemonium
Badges received: 10
Recommendations received: 7
Approved XSS vulnerabilities: 1326
Approved XSS vulnerabilities on VIP websites: 646
on 20.07.2017
eedition.tampabay.com
Reported by npuser500 Badges received: 9
Recommendations received: 9
Approved XSS vulnerabilities: 1476
Approved XSS vulnerabilities on VIP websites: 238
on 20.07.2017
rundel.de
Reported by secuninja Badges received: 7
Recommendations received: 16
Approved XSS vulnerabilities: 1996
Approved XSS vulnerabilities on VIP websites: 136
on 20.07.2017
metalnews.de
Reported by secuninja Badges received: 7
Recommendations received: 16
Approved XSS vulnerabilities: 1996
Approved XSS vulnerabilities on VIP websites: 136
on 20.07.2017
m.mp3mad.co.in
Reported by m0ns7er Twitter: @AkashLabde3
Badges received: 2
Approved XSS vulnerabilities: 208
Approved XSS vulnerabilities on VIP websites: 19
on 20.07.2017