Report a Vulnerability
Submit, help fixing, get kudos.
Start a Bug Bounty
Run your bounty program for free.
637,127 coordinated disclosures
405,661 fixed vulnerabilities
958 bug bounties with 1,902 websites
19,192 researchers, 1211 honor badges

thedawgyg | Security Researcher Profile

Security researcher thedawgyg has already helped fix 402 vulnerabilities.

Researcher reputation:  40

Real name:
Tommy DeVoss

About me:
Former Leader of World of Hell hacking group, current college student, System Admin, Software Developer and security researcher

How to contact me:
Email: [email protected]
Twitter: @thedawgyg
Skype: evonyhacker

Experience in Application Security
over 5 years

Award / Bug Bounty I prefer:
Swag, Wall of Fame, Paypal, Vouchers. Anything is fine. Nothing is expected/demanded.

Halls of Fame:
Yahoo, Mail.Ru, Mapbox, Imgur, GM, Adobe, AOL, Zynga, Viadeo, Uber, Microsoft, Netflix

Follow me on:

Recommendations and Acknowledgements

@BrandeisInfoSec     21 September, 2016
    Twitter BrandeisInfoSec Information Security from Brandeis University:
Extremely detailed and swift response from this researcher - thanks again.
@ignaciov     30 August, 2016
    Twitter ignaciov Security Team from -Alhea:
Very professional researcher. Everything was handled swiftly.
@RSwartzer     8 September, 2016
    Twitter RSwartzer Ron Swartzendruber from Western Oregon University:
Very professional. All communications were clear and prompt.
@johngrenham     5 September, 2016
    Twitter johngrenham John Grenham from
Excellent quick, clear response. Highly recommended.

Please login via Twitter to add a recommendation

Honor Badges

Number of Secured Websites

10+ Secured Websites Badge
50+ Secured Websites Badge
500+ Secured Websites Badge
Web Security Veteran Badge
10+ Websites
50+ Websites
500+ Websites
1000+ Websites

Advanced Security Research

WAF Bypasser Badge
CSRF Master Badge
AppSec Logic Master Badge
Fastest Fix Badge
WAF Bypasser
CSRF Master
30+ Reports
AppSec Logic Master
30+ Reports
Fastest Fix
Fix in 24 hours

Outstanding Achievements

Secured OBB Badge
OBB Advocate Badge
Improved OBB Badge
Secured OBB
OBB Advocate
Improved OBB

Commitment to Remediate and Patch

Patch Master Badge
Patch Guru Badge
Patch Lord Badge
Patch Master
55% Patched
Patch Guru
65% Patched
Patch Lord
75% Patched

Recommendations and Recognition

10+ Recommends
25+ Recommends
50+ Recommends

Distinguished Blog Author

Distinguished Blog Author Badge
Distinguished Blog Author Badge
Distinguished Blog Author Badge
1 Post
3 Posts
5+ Posts

Research Statistics

Total reports:518
Total reports on VIP sites:106
Total patched vulnerabilities:402
Recommendations received:4
Active since:14.10.2015

Open Bug Bounty Certificate

Researcher Certificate

No posts in blog yet

Reported Vulnerabilities

All Submissions VIP Submissions

  Latest Patched


  Latest Blog Posts

26.10.2020 by _r00t1ng_
Bypass Addslashes using Multibyte Character
26.10.2020 by _r00t1ng_
One Payload to Inject them all - MultiQuery Injection
26.10.2020 by _r00t1ng_
Routed SQL Injection
26.10.2020 by _r00t1ng_
DIOS the SQL Injectors Weapon
26.10.2020 by p4c3n0g3
How to find AngularJS XSS

  Recent Recommendations

@vintage_griffin     23 November, 2020
    Twitter vintage_griffin:
Thank you Cyber_India for identifying and letting us know of an improperly secured server status page.
@iCoccyx     23 November, 2020
    Twitter iCoccyx:
Thank you RAVI for your quick reply and to report my problem. Good job ! You made the web better !
@SolidInnovation     18 November, 2020
    Twitter SolidInnovation:
Ankur discovered an XSS vulnerability on our site and contacted us. Thanks for finding this for us! Your valuable contribution has helped make our website more secure.
@AsictSoc     18 November, 2020
    Twitter AsictSoc:
Dear gdattacker,

the SOC of Politecnico di Milano would like to thank you for disclosing us a XSS vulnerability on our infrastructure.
@AsictSoc     18 November, 2020
    Twitter AsictSoc:
Dear devl00p,

the SOC of Politecnico di Milano would like to thank you for disclosing us multiple XSS vulnerabilities on our infrastructure.