Zeď slávy (Hall of Fame)

Na této stránce pravidelně aktualizujeme seznam našich hrdinů - lovců, kteří se aktivně zapojili do programu Bug Bounty.

  • D. Straka – SQL injection
  • Michal Špaček (@spazef0rze) – Cross-site request forgery (CSRF), Cross-site scripting (XSS), SQL injection
  • Milan "Hodza" Kozák – SQL injection, Information Disclosure
  • Ondřej Žára – Cross-site scripting (XSS)
  • Kamil Vávra – Cross-site request forgery (CSRF), Unexpected log report
  • Tomáš Hudáč – Cross-site scripting (XSS)
  • Jaromír Hamala – Unauthorized access to server administration interface
  • Martin Hartl – Cross-site scripting (XSS), Open Redirect
  • Jaroslav Martínek – Information Disclosure
  • Ayoub Fathi – Cross-site scripting (XSS)
  • Tom – Information Disclosure
  • @securehack z HACKTRACK security – Multiple Cross-site scripting (XSS), Blind SQL injection, Information disclosure, Redirect / XSS attack
  • Marek Malcovský – Cross-site scripting (XSS), Remote code execution, Open Redirect
  • Tonda Hýža – Cross-site scripting (XSS), Information Disclosure
  • Martin Doupovec – Information Disclosure
  • Michal Smrčka – Cross-site scripting (XSS)
  • martanc – Information Disclosure
  • Ayoub Ait Elmokhtar – Information Disclosure, Remote code execution
  • SOOM.cz – SQL injection, Information Disclosure, Cross-site scripting (XSS)
  • Murat Yilmazlar – @muratyilmazlarr - Cross-site scripting (XSS)
  • Hamit Abis – Open Redirect
  • Vahagn (vah13) Vardanyan – Information Disclosure
  • Marek Křivan – Cross-site scripting (XSS)
  • Eusebiu Blindu – Cross-site scripting (XSS)
  • MEHMET NURCAN (fb/mehsul) – Cross-site scripting (XSS)
  • Milan A Solanki (Mashack) – Cross-site request forgery (CSRF)
  • Pavel Schön – Cross-site scripting (XSS)
  • Ondřej Smrž – Cross-site scripting (XSS)
  • Petr Kletečka (petr.kle.cz) – Cross-site scripting (XSS), SSLStripProxy
  • MAZLUM BOZAN – Cross-site scripting (XSS)
  • Eusebiu Blindu (http://www.testalways.com/) – Information Disclosure
  • Harsha Vardhan (@hvboppana) – Cross-site scripting (XSS)
  • Matěj Polák – Cross-site scripting (XSS)
  • Milan Rossa – Cross-site scripting (XSS), Open Redirect, Unauthorized Access
  • Michal Smolka – Cross-site scripting (XSS), Cross-site request forgery (CSRF), Information Disclousure
  • Josef Krajkář – Clickjacking
  • Ali Burak Aydın – Mesut Uçar - Cross-site scripting (XSS)
  • Tcaciuc Bogdan Vasile – Information Disclosure, Cross-site scripting (XSS)
  • Richard Strnad – Open Redirect
  • Milan Kyselica – Clickjacking
  • Shubham Maheshwari – Clickjacking
  • Zekvan Arslan – Cross-site scripting (XSS), Open Redirect
  • İsmail Taşdelen – SQL Injection, Cross-site request forgery (CSRF), ClickJacking, Multiple Cross-site scripting (XSS), Information Disclosure
  • Berk Dusunur @berkdusunur – Cross-site scripting (XSS), Open Redirect, Information Disclosure, CRLF Injection, SQL Injection
  • Simge Gungor – Cross-site scripting (XSS)
  • Ahmet Gurel – Cross-site scripting (XSS), SQL Injection
  • Yunus YILMAZ (ynsy) – Open Redirect
  • PwnSquad aka WeedSquad – Information Disclosure
  • MUHAMMED SADETTİN KARATAŞ (LinkedIn) – Information Disclosure, Clickjacking, Cross-site scripting (XSS), Open Redirect
  • Ankur Pandey – SQL injection
  • Muhammed Enes GÖK – Clickjacking
  • Felipe "Renzi" Gabriel - Denial of Service (DoS)
  • Peter Stasko - Clickjacking
  • Furkan YILANCI - ClickJacking, Reflected cross-site scripting
  • Kerem Tamcı - SQL injection
  • Virendra Tiwari - HTTP header
  • Ben Chinoy - Privilege escalation for server, Unsecured communication, Default login, Cross-site scripting, other
  • Abhishek Karle (@AbhishekKarle3) - Improper Session Management
  • Emad Shanab (@Alra3ees) - Path traversal
  • lacroute serge (LinkedIn) - Cross-site scripting (XSS)
  • R Atik Islam - Improper Session Management
  • Mustafa Kemal Can (muskecan) - Information Disclosure
  • René Kroka - Cross-site scripting (XSS)
  • Anusha Deekonda - Cross-site scripting (XSS), Open Redirect
  • Shashank Singh Rathore (!nj3c+0R) - Cross-site scripting (XSS)
  • Rahad Chowdhury - Cross-site scripting (XSS)
  • Tomáš Polešovský (@topolik) - Cross-site scripting (XSS), Remote Code Execution (RCE)
  • Ondřej Šilha - Cross-site scripting (XSS), SQL injection
  • Ritik Chaddha(pwn_box) Twitter - Information Disclosure
  • Piotr Karolak - Default login
  • Ataberk Yavuzer - SQL injection
  • İlyas Orak (https://www.ilyasorak.net/) (LinkedIn) - SQL Injection