_metamorfosec_ | Security Researcher Profile
Security researcher _metamorfosec_ has already helped fix 4535 vulnerabilities.
Researcher reputation: 640
Real name:
irfan
About me:
Security Researcher, Independent Software Vendor, Self-Published Author.
I use Google, creativity, and luck. No automated tool!
Contact email:
[email protected]
Alternative Contacts:
[email protected]
Award / Bug Bounty I prefer:
I assume that you have (1) respect, (2) negotiation skill, & (3) read and understood openbugbounty.org/about/#p9
I prefer:
Bounty (50-500 USD/EUR, preferably 250)
Recommendation/Free Stuff/etc
Follow me on:
Twitter
Ethics and Rules:
irfan is required to abide by the ethics and rules of the Open Bug Bounty project. If you reasonably believe that rules are not respected, please report this to us.
Recommendations and Acknowledgements | Full List:
Thanks for the help with the XSS vulnerability. It was a quick fix. |
Thanks for reporting the XSS problem. We have fixed the vulnerability on our website. |
Thanks to metamorfosec for reporting the XSS problem on our websites. I could fix the problem in a very short time. Professional communication and quick and detailed responses. Thanks alot! |
Thanks for reporting the XSS problem on our websites. We were able to fix the problem within 3 hours. Great job - thank you |
Thank you for noticing the problem of one of our customers and that we were able to resolve it quickly. Thank you! |
We would like to thank metamorfosec for reporting some XSS-Vulnerabilities on our site responsible. We did fix those now. |
Thanks for informing me about a general PHP malfunction which could be used to scam people on my website. |
Thank you very much for finding and evaluating a vulnerability on our website. We really appreciate your help! |
Very quick response and very helpful! We were able to patch the vulnerability quickly and privately. |
Thanks for the detailed report and helping us zero in and fix this problem quickly! |
Very helpful and responsive to queries, which assisted us both with resolving the reported issues and working with with OpenBugBounty. |
Thanks for reporting the XSS problem at my websites and the open source software I am developing metamorfosec. |
Metamorfosec was really helpful in providing detailed information about the problem and how to fix it. Thank you! |
Thanks for your detailed and concise report. Professional communication and prompt feedback -- Great job! |
Thank you for making us aware of the issues on our websites and providing detailed information of so we could make the required fixes. Very helpful! |
Irfan has been very helpful on helping our company to patch a vulnerability that was affecting all of our websites. We reach to him and he explained us the vulnerability that has been quickly patched. He has also checked the patch to verify that it was properly set up. Thanks a lot Irfan! |
Metamorfosec did a great job finding and evualuating our vulnerabilites. Very good communication with the researcher, he was very helping and quick. |
Thank you for reporting the problem and associated details! |
Thank you for reporting the vulnerability on our website, we very much appreciate your quick response and good description of the issue. |
Thank you very much for reporting a problem on our website and help with giving detailed description and explanations on how we could solve it. |
Thank you very much for finding the bug on our website and your responsible disclosure. Absolutely appreciated. You make the web a better place! |
Thank you for reporting the problem and giving detailed explanations on how we would sort it out. |
Thanks for your clear and concise report and quick communication, a true security professional :) |
Thank you very much for finding and evaluating a vulnerability on our website. Very professional and detailed communication. |
Thank you very much for making us aware of the issue and providing us a high quality vulnerability report which helped us identify the source of the vulnerability right away. |
A comprehensive report helped me quickly patch a vulnerability on a recently deployed client system. I very much appreciate you taking the time to report with a reproducible test case. Many thanks. |
Thank you very much for finding and evaluating a vulnerability on our website. Very professional and detailed communication. |
Thanks for reporting the problem and the vulnerability details. |
Thank you for making us aware of an issue on our site. We really appreciate it. |
Thanks very much for the report! We were sure that everything was proteced, but apparently we missed some special places where the escaping wasn't sufficient. It is now fixed. |
Thanks for reporting the problem and the vulnerability details. |
Thank you for finding the vulnerability on our website. It has been taken care of after your recommendations Good work ! |
Thanks you very much for the advice about security issue in our site. |
Thanks very much for the report! I was pretty sure that everything was safe, but apparently I missed two places where the escaping wasn't sufficient. |
Thank you so much for reporting security vulnerability and for the information needed to fix the issues. |
Thanks for your help! Your findings were accurate, and collaboration with you was easy. It's is glad to see responsible disclosures like yours, that help Companies to fix security bugs. Thanks! |
Thanks for making us aware of CSRF vulnerabilities on our websites! They're more secure now. |
Thanks for reporting two bugs from our Math Suite Wiris Quizzes and CalcMe. It's now a better product thanks to you! |
Thank you so much for reporting this vulnerability in a responsible manner! We were able to find and fix this specific vulnerability, as well as another that was related, and we really appreciate your help in getting this sorted out! |
Thank you so much for reporting security vulnerability and for the information needed to fix the issues. |
Thank you very much for helping to make our website even more secure. |
Thank you helping us finding and fixing vulnerabilities. |
Very fast response and very detailed and helpful reply. The observations were all correct and the the HTML which was provided in the response correctly illustrated the vulnerability. Overall great job and thanks for your efforts! |
Thank you very much for a great and in-depth explanation of the issue. This kind of description makes it very easy to identify and fix the problem. Really appreciate your help. |
Thank you foro reporting a security issue with our website and for promptly providing the affected pages. |
Thank you so much for reporting XSS vulnerabilities on our websites. |
Thank you for pointing out a security issue on the BOINCstats website. It helped me find and fix the issue and a few other issues as well. |
Thank you so much for reporting the security issue and bringing this to our attention. We highly appreciate your time and professional skills in helping to make Driver Easy more secure. We're working on the issue and will update with you when we fix it. Thanks again for everything. |
Thank you for reporting a security vulnerability on our websites and for giving us the information needed in order to patch it. We really appreciate your help! |
Honor Badges
Number of Secured Websites
|
|
|
|
10+ Websites
|
50+ Websites
|
500+ Websites
|
WEB SECURITY VETERAN
1000+ Websites
|
Advanced Security Research
|
|
|
|
WAF Bypasser
|
CSRF Master
30+ Reports
|
AppSec Logic Master
30+ Reports
|
Fastest Fix
Fix in 24 hours
|
Outstanding Achievements
|
|
|
|
Secured OBB
|
OBB Advocate
|
Improved OBB
|
Commitment to Remediate and Patch
|
|
|
|
Patch Master
55% Patched
|
Patch Guru
65% Patched
|
Patch Lord
75% Patched
|
Recommendations and Recognition
|
|
|
|
REPUTABLE
10+ Recommends
|
FAMOUS
25+ Recommends
|
GLOBALLY TRUSTED
50+ Recommends
|
Distinguished Blog Author
|
|
|
|
1 Post
|
3 Posts
|
5+ Posts
|
Research Statistics
Total reports: | 22393 |
Total reports on VIP sites: | 186 |
Total patched vulnerabilities: | 4535 |
Total vulnerabilities on Hold (Open Bug Bounty): | 868 |
Recommendations received: | 50 |
Active since: | 30.04.2018 |
Reported Vulnerabilities
All Submissions VIP SubmissionsFeatured Submissions
Domain | Reported | Status | Type |
---|
No posts in blog yet |
Please login via Twitter to add a recommendation