Skip to content
View EdOverflow's full-sized avatar
I swear there was an XSS somewhere around here...
I swear there was an XSS somewhere around here...
3.5k followers · 22 following

Sponsors

@projectdiscovery

Achievements

Achievement: YOLOAchievement: QuickdrawAchievement: Starstruckx4Achievement: Arctic Code Vault ContributorAchievement: Public SponsorAchievement: Pull Sharkx3

Achievements

Achievement: YOLOAchievement: QuickdrawAchievement: Starstruckx4Achievement: Arctic Code Vault ContributorAchievement: Public SponsorAchievement: Pull Sharkx3

Highlights

Organizations

@liberapay @securitytxt

Block or report EdOverflow

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
edoverflow/README.md

Hi 👋

I am a web designer, developer, security researcher, and have experience triaging for numerous vulnerability disclosure programmes.

In 2016, I joined Gratipay’s Blue Team where I operated their bug bounty programme. Subsequently, in 2018, I joined HackerOne as a Security Analyst. While at HackerOne, I had the privilege of triaging in-person alongside organisations such as GitHub, Salesforce, and the United States Marine Corps.

Currently, I am a Senior Pentester at Cure53, where I use my expertise to help clients strengthen their security posture by conducting security audits and source code reviews.

Outside of work, I enjoy staying active and maintaining a strong dedication to swimming, honed during my time as a student on the University of Warwick’s Sports Scholarship programme.

edoverflow.comLinkedIn

Pinned Loading

  1. securitytxt/security-txt securitytxt/security-txt Public

    A proposed standard that allows websites to define security policies.

    HTML 1.8k 74

  2. can-i-take-over-xyz can-i-take-over-xyz Public

    "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

    Python 5.1k 746

  3. contact.sh contact.sh Public

    An OSINT tool to find contacts in order to report security vulnerabilities.

    Shell 268 47

  4. legal-bug-bounty legal-bug-bounty Public

    #legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.

    71 20

  5. securitytxt/securitytxt.org securitytxt/securitytxt.org Public

    Static website for security.txt.

    HTML 67 36