bug bounty hunting

Open Bug Bounty: 3048 Patched Vulnerabilities

Over a 36-month period, I helped remediate 3048 vulnerabilities through Open Bug Bounty.

BBC Security Hall of Fame: Reflective XSS Vulnerability

In 2018, I discovered a GET-based reflective cross-site-scripting (XSS) vulnerability on the homepage of the BBC.

University of Twente Security Hall of Fame: Remote Command Execution (RCE)

In 2018, I discovered a remote command execution (RCE) vulnerability on University of Twente's website.

United Nations Security Hall of Fame: Path Disclosure Vulnerability

In 2017, I discovered a path disclosure vulnerability on a subdomain belonging to United Nations.

Deutsche Telekom Security Hall of Fame: Information Disclosure

In 2017, I discovered an information disclosure vulnerability on a subdomain belonging to Deutsche Telekom.

Esri Security Hall of Fame: Cookie Based SQL Injection

In 2017, I discovered a cookie based SQL injection (SQLI) vulnerability on a subdomain belonging to Esri.

Duke Security Hall of Fame: Reflective XSS Vulnerability

In 2017, I discovered multiple cross-site-scripting (XSS) vulnerabilities on Duke's website.

Houzz Security Hall of Fame: Blind Based SQL Injection (SQLI)

In 2016, I discovered a blind based SQL injection (SQLI) vulnerability on the Houzz website.

AOL Security Hall of Fame: Local File Inclusion (LFI) Vulnerability

In 2016, I discovered a local file inclusion (LFI) vulnerability on a subdomain belonging to AOL.

AT&T Security Hall of Fame: Reflective XSS Vulnerability

In 2016, I discovered a GET-based reflective cross-site-scripting (XSS) vulnerability on a subdomain belonging to AT&T.
