Coordinated and Responsible Vulnerability Disclosure Free Bug Bounty Program 328,489 coordinated disclosures
190,247 fixed vulnerabilities
405 bug bounties with 859 websites
9,196 researchers, 854 honor badges

theappsec | Security Researcher Profile


Security researcher theappsec has already helped fix 71 vulnerabilities.



Researcher reputation:  40

Real name:
Oleg

How to contact me:
You can contact me: [email protected]

Award / Bug Bounty I prefer:
> A recommendation on my profile is fine
> Bounty (Paypal)
> Swag (T-shirt, etc.)

Halls of Fame:
https://hackerone.com/theappsec/thanks

Recommendations and Acknowledgements

    22 November, 2018
     ziduniwien Computer Center from University of Vienna:
Dear theappsec,
The University of Vienna would like to thank you for your valuable contribution in finding multiple website security issues.
Your input is highly welcome and helps to raise the security level of our educational institution.
Servus and greetings from Vienna, Austria.
    30 October, 2018
     NavigateCMS Navigate CMS from Naviwebs:
Thank you very much for taking the time to detect some vulnerabilities on our website. They are now fixed, so our page is now more secure. :)
    1 October, 2018
     astroseekcom Petr9 from Astro-Seek.com:
Thank you for pointing out XSS vulnerability and giving me a chance to fix it.

Please login via Twitter to add a recommendation

Awards and Achievements


Number of Secured Websites

10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN
1000+ Websites

Advanced Security Research

WAF Bypasser
CSRF Master
30+ Reports
AppSec Logic Master
30+ Reports
Fastest Fix
Fix in 24 hours

Outstanding Achievements

Secured OBB
OBB Advocate
Improved OBB

Commitment to Remediate and Patch

Patch Master
55% Patched
Patch Guru
65% Patched
Patch Lord
75% Patched

Recommendations and Recognition

REPUTABLE
10+ Recommends
FAMOUS
25+ Recommends
GLOBALLY TRUSTED
50+ Recommends

Blog Author

1 Post
3 Posts
5+ Posts

Research Statistics



Total reports:107
Total reports on VIP sites:18
Total patched vulnerabilities:71
Total vulnerabilities on Hold (Open Bug Bounty):11
Recommendations received:3
Active since:02.06.2018

Open Bug Bounty Certificate





No posts in blog yet


Reported Vulnerabilities

All Submissions VIP Submissions

Domain Reported Status Type
07.03.2019
On Hold
Cross Site Scripting
28.02.2019
On Hold
Cross Site Scripting
28.02.2019
On Hold
Cross Site Scripting
13.02.2019
On Hold
Cross Site Scripting
12.12.2018
patched
Cross Site Scripting
12.12.2018
On Hold
Cross Site Scripting
22.11.2018
patched
Cross Site Scripting
01.11.2018
patched
Cross Site Scripting
25.10.2018
patched
Cross Site Scripting
24.10.2018
patched
Cross Site Scripting
22.10.2018
patched
Cross Site Scripting
21.10.2018
patched
Cross Site Scripting
21.10.2018
patched
Cross Site Scripting
21.10.2018
patched
Cross Site Scripting
21.10.2018
patched
Cross Site Scripting
20.10.2018
patched
Cross Site Scripting
14.10.2018
patched
Cross Site Scripting
11.10.2018
patched
Cross Site Scripting
11.10.2018
patched
Cross Site Scripting
10.10.2018
patched
Cross Site Scripting

  Latest Patched

 22.03.2019 livestream.com
 21.03.2019 vuetifyjs.com
 21.03.2019 365psd.com
 21.03.2019 freepik.com
 21.03.2019 fin24.com
 21.03.2019 ecartelera.com
 21.03.2019 bergfex.at
 20.03.2019 billabong.com
 20.03.2019 gcu.ac.uk
 20.03.2019 condos.ca

  Latest Blog Posts

22.03.2019 by HackerGautam
TLS 1.3 Genesis, Mechanism and Working
19.03.2019 by Open Bug Bounty
GDPR PII exposure can now be securely reported via Open Bug Bounty
24.02.2019 by ismailtsdln
Apple XSS Vulnerability - Proof of Concept (PoC)
24.02.2019 by ismailtsdln
How do you use an xss as a keylogger ?
23.02.2019 by ismailtsdln
Everything about XSS is in this source!

  Recent Recommendations

    22 March, 2019
     jcfmachado:
Thank you for your time and notification.
    19 March, 2019
     rogerdc01:
Ezio has helped me with a vulnerability. Answered very fast after some questions and showed the way to examine the issue. Very professional!
    19 March, 2019
     interactmultim1:
Thank you k0t for reporting this bug. We appreciate your work!
    19 March, 2019
     CoreInstance:
Armin, vielen Dank für deine professionelle Unterstützung! Dank deiner Hilfe, konnten wir die Schwachstelle bei unserem Kunden direkt beheben.
    18 March, 2019
     ArnY:
Un grand merci pour votre aide. Suite à votre retour rapide et précis la faille a été corrigée rapidement par nos équipes.