User Profile

Me

zephrfish

About

Penetration Tester, Martial Artist and Researcher. I specialise in Open Source Intelligence Gathering & Recon

Personal website:
https://blog.zsec.uk

Recognised by

None listed.

zephrfish's Recent Activity

View zephrfish's statistics

[bot.brew.sh] Full Path Disclosure

Disclosed by zephrfish on Homebrew on 2017-04-26

Exposed Unencrypted Telnet Endpoint

Disclosed by zephrfish on Starbucks on 2017-02-08

[product360.informatica.com] Unauthenticated Apache Tomcat 8 Installation

Disclosed by zephrfish on Informatica on 2016-12-08

Potential Subdomain Takeover Possible

Disclosed by zephrfish on Boozt on 2016-10-22

[stored xss, pornhub.com] stream post function

Disclosed by zephrfish on Pornhub on 2016-09-24

Instance of Apache Vulnerable to Several Issues

Disclosed by zephrfish on Boozt on 2016-09-14

[crossdomain.xml] Dangerous Flash Cross-Domain Policy

Disclosed by zephrfish on Pornhub on 2016-09-12

HTTP Track/Trace Method Enabled

Disclosed by zephrfish on Pornhub on 2016-08-17

RCE Possible Via Video Manager Export using @ character in Video Title

Disclosed by zephrfish on Pornhub on 2016-07-04

Same-Origin Method Execution bug in plupload.flash.swf on /insights

Disclosed by zephrfish on Pornhub on 2016-06-28

Reflected XSS by way of jQuery function

Disclosed by zephrfish on Pornhub on 2016-06-28

Public Facing Barracuda Login

Disclosed by zephrfish on Pornhub on 2016-06-22

PornIQ Reflected Cross-Site Scripting

Disclosed by zephrfish on Pornhub on 2016-06-22

[xss, pornhub.com] /user/[username], multiple parameters

Disclosed by zephrfish on Pornhub on 2016-05-26

Cross Site Scripting - On Mouse Over, Blog page

Disclosed by zephrfish on Pornhub on 2016-05-26

Reflected Cross-Site Scripting on French subdomain

Disclosed by zephrfish on Pornhub on 2016-05-26

Unprotected Memcache Installation running

Disclosed by zephrfish on Pornhub on 2016-05-26

Cross Site Scripting – Album Page

Disclosed by zephrfish on Pornhub on 2016-05-23

[reflected xss, pornhub.com] /blog, any

Disclosed by zephrfish on Pornhub on 2016-05-23