BugBountyNotes.com | zseano's bugbounty profile

ous">

User Profile

zseano

About

Hey! I'm zseano and I run BugBountyNotes. I do bugbounties full time and I managed to reach the top 10 on bugcrowd in just 8months from one program. I am lucky to attend live events by HackerOne and this is what inspired me to create this! :) I specialise in webapp testing and I love helping others. Feel free to reach out

Personal website:
https://www.zseano.com/

Platform Accounts

HackerOne Username:
zseano

Bugcrowd Username:
zseano

HackenProof Username:
zseano

Completed Challenges (4)

Find the vulnerable parameter and try beat the XSS filter!

Can you XSS when redirecting?

Can you bypass the Open URL redirect filter?

This developer didn't realise people could view the HTML source. What can you find?

Recognised by

zseano's Recent Activity

View zseano's statistics

Can you add yourself to the hall of fame?

zseano created a challenge on 2018-12-04

Bypassing filters for XSS

Forum topic created in BugBounty Discussion on 2018-11-27

Challenge Suggestions

Forum topic created in General Discussion on 2018-11-17

What do you look for in a bugbounty platform?

Forum topic created in Platform Discussions on 2018-11-13

Hey 0xteknogeek - we're waiting

Forum topic created in Mobile Discussions on 2018-11-13

What do you have on your toast?

Forum topic created in General Discussion on 2018-10-30

Who does bugbounties full time?

Forum topic created in BugBounty Discussion on 2018-10-30

Your fav swag?

Forum topic created in Platform Discussions on 2018-10-30

Site only allows for .zip and .txt - thoughts on bypassing?

Forum topic created in Bug Help on 2018-10-30

It’s all in the detail: Email leak & Account takeover thanks to WayBackMachine & extensive knowledge about the program

Shared by zseano on 2018-10-30

Improper CSRF token handling leads to site-wide CSRF issue, chained with clickjacking = woot! Multiple sites vulnerable

Shared by zseano on 2018-10-29

Maintenance ongoing -- UPDATED!

Forum topic created in BugBountyNotes Announcements on 2018-10-10

Can you bypass the Open URL redirect filter?

zseano created a challenge on 2018-09-28

Blind testing - debug mode

zseano created a challenge on 2018-09-28

Your new profile!

Forum topic created in BugBountyNotes Announcements on 2018-09-25

Welcome to BugBountyNotes!

Forum topic created in BugBountyNotes Announcements on 2018-09-14

How re-signing up for an account lead to account takeover

Shared by zseano on 2018-09-14

How signing up for an account with an @company.com email can have unexpected results

Shared by zseano on 2018-09-14

Hey UserID x, what's your secret token?

Shared by zseano on 2018-09-14

Find the vulnerable parameter and try beat the XSS filter!

zseano created a challenge on 2018-09-14

This developer didn't realise people could view the HTML source. What can you find?

zseano created a challenge on 2018-09-14

There's cross site request forgery (CSRF) protection, but how good is it?

zseano created a challenge on 2018-09-14

Bypass rate limiting on /users/password (possibly site-wide rate limit bypass?)

Disclosed by zseano on Hackerone on 2016-12-08

https://windsor.shopify.com/ takeover

Disclosed by zseano on Shopify on 2016-07-19