Skip to content
Avatar
I swear there was an XSS somewhere around here...
I swear there was an XSS somewhere around here...
2.4k followers · 23 following

Sponsors

@tomnomnom @pondim @codingo @Will-B2 @projectdiscovery

Achievements

Arctic Code Vault Contributor

Achievements

Arctic Code Vault Contributor

Highlights

Organizations

@liberapay @securitytxt
Block or Report

Block or report EdOverflow

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
EdOverflow/README.md

Logo

Hi 👋

I am a web designer, developer, security researcher, and have experience triaging for numerous vulnerability disclosure programs.

In 2016, I joined Gratipay's Blue Team where I operated their bug bounty programme. Subsequently, in 2018, I joined HackerOne as a Security Analyst. While at HackerOne, I had the privilege of triaging in-person alongside organisations such as: GitHub, Salesforce, and the United States Marine Corps.

In 2017, I published an Internet Draft for a proposed standard which allows websites to define security policies called security.txt. A year later, I created Bug Bounty Guide, a launchpad for bug bounty programs and bug bounty hunters.

edoverflow.com@EdOverflow

Pinned

  1. securitytxt/security-txt Public

    A proposed standard that allows websites to define security policies.

    HTML 1.5k 73

  2. can-i-take-over-xyz Public

    "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

    3k 535

  3. csp Public

    Given a list of hosts, this small utility fetches all whitelisted domains from the hosts' CSPs.

    Go 96 16

  4. contact.sh Public

    An OSINT tool to find contacts in order to report security vulnerabilities.

    Shell 231 46

  5. legal-bug-bounty Public

    #legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.

    47 17

  6. securitytxt/securitytxt.org Public

    Static website for security.txt.

    HTML 50 34

754 contributions in the last year

Apr May Jun Jul Aug Sep Oct Nov Dec Jan Feb Mar Mon Wed Fri
Learn how we count contributions
Less More
Activity overview
Contributed to EdOverflow/can-i-take-over-xyz, securitytxt/securitytxt.org, facebook/sapp and 5 other repositories

Contribution activity

April 2022

5 contributions in private repositories Apr 2 – Apr 3

Seeing something unexpected? Take a look at the GitHub profile guide.