Little About Me

Hi there, my name is

So far I have submitted bugs on HackerOne and have been thanked by companies. I am currently ranked in the platform. You can see my recent activities here.

View & add to cart unlisted items via IDOR Take a look
2018-05-25T00:24:38.618Z
Aapp name leakage on economy history page Take a look
2018-05-24T22:21:12.610Z
Unfiltered input allows for XSS in "Playtime Item Grants" fields Take a look
2018-05-24T22:00:09.079Z
Stored XXS @ https://steamcommunity.com/search/users/#text= via Profile Name Take a look
2018-05-24T21:57:17.473Z
GitHub import allows user to create child group under existing namespace Take a look
2018-05-24T18:27:39.178Z
Missing SPF record for the in scope domain Take a look
2018-05-24T01:29:59.761Z
Missing SPF Records. Take a look
2018-05-24T01:29:41.444Z
SSRF in Exchange leads to ROOT access in all instances Take a look
2018-05-23T21:35:58.802Z
Хранимая XSS ( API ) Take a look
2018-05-23T21:33:09.487Z
XSS уязвимость Take a look
2018-05-23T21:29:39.581Z
Tracking Bitwarden firefox addon users Take a look
2018-05-23T17:31:30.239Z
The "Download Raw Diff" URL is viewable by everyone Take a look
2018-05-23T16:23:47.180Z
Session can be continuously reused by editting "token" cookie. Take a look
2018-05-23T00:24:54.069Z
XSS on https://www.starbucks.co.uk (can lead to credit card theft) (/shop/paymentmethod) Take a look
2018-05-22T21:50:20.374Z
Часть админки доступна для всех пользователей Take a look
2018-05-22T17:43:15.365Z
Reflected XSS в /al_audio.php Take a look
2018-05-22T17:38:27.439Z
User Information Disclosure via Json response Take a look
2018-05-22T16:12:31.579Z
[dl.beepcar.ru] CRLF Injection Take a look
2018-05-22T15:10:54.098Z
invalid handling of redirect_uri at o2.mail.ru/jsapi/button Take a look
2018-05-22T15:10:08.326Z
[mobs.mail.ru] nginx path traversal via misconfigured alias Take a look
2018-05-22T15:09:32.653Z
Disclosure of Users Information via Wordpress API (?rest_route) Take a look
2018-05-22T13:49:32.398Z
Administrator can create user without entering high security mode Take a look
2018-05-22T09:27:26.945Z
XML Member Proccessing - Local File inclusion Vulnerability Take a look
2018-05-21T15:26:36.994Z
[hekto] open redirect when target domain name is used as html filename on server Take a look
2018-05-20T08:45:37.489Z
ACME TLS-SNI-01/02 challenge vulnerable when combined with shared hosting providers Take a look
2018-05-19T19:22:01.174Z