hackerone.com
2606:4700:4400::6812:24d6
Public Scan
URL:
https://hackerone.com/ahacker1?type=user
Submission: On May 14 via api from LU — Scanned from DE
Form analysis
0 forms found in the DOM

Text Content
A. T. (ahacker1)
Joined December 2021

Stats (90 Days)
Signal: 7.00 (99th percentile)
Impact: 26.67 (88th percentile)
Reputation: 449
Rank: -
Streak: 2 months

Credits
74 vulnerabilities found
7 thanks received

Recent Badges
Diversity, May 2024
Insecticide, October 2023
A1: Injection, April 2023

About A. T.
Experienced security researcher and enthusiast, dedicated to safeguarding our digital world.
CVEs: CVE-2023-6847, CVE-2023-46646, CVE-2022-23738, CVE-2022-23739, CVE-2024-1482, CVE-2024-1908
Contact: ahacker1@wearehackerone.com

Hacktivity
--------------------------------------------------------------------------------
1 GitHub: $617. Bug was resolved 4 days ago by ahacker1.
--------------------------------------------------------------------------------
179 HackerOne: Improper Access Control - Generic, High, $12,500, Resolved.
View Titles of Private Reports with pending email invitation
Bounty awarded 5 days ago to ahacker1. Collaboration. Improper Access Control - Generic.
A vulnerability was discovered where anonymous users could view the titles of private reports with pending email invitations for collaboration. This was possible by sending a GraphQL request or running JavaScript code while logged out. It only worked for anonymous users when the collaboration invitation was through the Manage Collaborators panel. This allowed anonymous users to read the titles of possibly unfixed private reports, which could be leveraged against the program depending on the specificity of the report titles. This summary was automatically generated.
--------------------------------------------------------------------------------
2 GitLab: $2,300. Bug was resolved 6 days ago by ahacker1.
--------------------------------------------------------------------------------
2 GitHub: $4,000. Bug was resolved 25 days ago by ahacker1.
--------------------------------------------------------------------------------
2 GitHub: $10,000. Bug was resolved 28 days ago by ahacker1.
--------------------------------------------------------------------------------

Thanks
7 thanks received

Program                         Valid / Closed   Reputation   Rank
GitHub                          60/87            1966         1
Private Program (Confidential)  7/8              347          2
HackerOne                       3/6              152          18
Private Program (Confidential)  0/3              88           11
Reddit                          2/4              79           30

Testimonials
When asked about working with ahacker1 on a vulnerability submission, HackerOne said...
"I'm HackerOne's CISO and Chief Hacking Officer. Thanks for finding a really interesting corner case access control issue in our platform, and giving us a clear report. Pleasure to have you hacking on our program."
5 days ago

© HackerOne