Hall Of Fame
Here is the list of the individuals and organizations that explicitly helped us in improving the security of the EU Institutions, Agencies, and Bodies by reporting security issues and vulnerabilities discovered. Anybody interested in reporting, should read the CERT-EU Responsible Disclosure Policy first.
Tinu Tomy( xskullx ) - https://twitter.com/@TinuRock007
Sushmitha Katikitala - https://www.linkedin.com/in/sushmitha-katikitala-04815558/
Mihkel Raba - https://www.clarifiedsecurity.com/
Benjamin Kunz Mejri
Daniel Burtscher - db-security.at
Harsh Joshi https://www.facebook.com/harshjoshi.85
Alper TECIMER (https://www.facebook.com/alper.tecimer.7)
David Bloom (@philophobia78) Approach Belgium
Safak Aslan https://www.linkedin.com/in/safak-aslan-3b929545
Edward Williams (@dynllandeilo) - SpiderLabs
Michele Romano (https://hackerone.com/mik317)
Wai Yan Aung (@waiyanaun9)
Reported Cross-Site Scripting (XSS) vulnerability
Alfie Njeru (@emenalf)
SI9INT
Reported an information disclosure.
CHI TRAN (@ctrsec) - Southern Methodist University - Security Researcher @AceBear
Roshan Pathak(@P4YLO4D)
An Phuoc Trinh (@_tint0) of Viettel Cyber Security
Amrendra Sharan, NITTTR Chandigarh - https://www.linkedin.com/in/amrendra-sharan-71590124
Rachit Verma (@B43kd00r)
Harmesh Rana
Leonid Hartmann (@_harleo)
Hoang Quoc Thinh (@g4mm4) of CyberJutsu.IO
MyGf TurkHackTeam.Org
Safwat Refaat - https://twitter.com/Caesar302
Andrei Conache - linkedin.com/in/andrei-conache
Antonio FERNANDES
Mubassir Patel - http://pentestools.com/
Jai Ghorpade (@2keebs) - University of Technology, Sydney | Cyber Security Society
Hamza ERRACHDI https://twitter.com/hecvs17
Debug information disclosure
SecuNinja - https://twitter.com/secuninja, https://secu.ninja/
Yaroslav Babin - https://www.linkedin.com/in/yarbabin/
Miguel Santareno - https://www.linkedin.com/in/miguelsantareno/
S Naveen Kumar - www.linkedin.com/in/naveen-kumar-s-24076510b, www.facebook.com/naveenhaxor
Avinash Jain - https://www.linkedin.com/in/avinash-jain-54524678/
Jack Walker
B.Dhiyaneshwaran - https://www.linkedin.com/in/dhiyaneshwaran-b-27947a131/
Mayank - Birla Institute of Technology, Mesra - https://www.linkedin.com/in/mayank1007
Kasper Karlsson - https://omegapoint.se/
Kamal Kothyari - https://www.linkedin.com/in/kamal-kothyari-5bba5435/
Eusebiu Blindu - http://www.testalways.com
Armin - www.cyberanteater.de - https://twitter/cyberanteater
Abdualrhman Muzamil Suliman - Facebook.com/abodeyxo
Karthikeyan Subramaniyan - https://www.linkedin.com/in/karthikeyan-subramaniyan-a87325132
Myo Ko (nutronex)
Osama Alaa "Information Security Engineer at Security-Meter" , https://www.linkedin.com/in/osama-alaa-hamza/
Christan Fünfhaus, Tim Windmann - https://code-white.com
GAİS (Güvenlik Açığı İstihbarat Servisi) - @hackergnc
Rhishikesh M V - https://www.facebook.com/100002420827305
Numan OZDEMIR - @ webcop security. (https://webcop.org - twitter: @numanozdemircom)
Cem Onat Karagun - Threat and Vulnerability Management of IBTech
Clément O @volvicus
Ketan Madhukar Mukane - https://www.facebook.com/eSecHax0r
Kyaw Pyiyt Htet - https://twitter.com/kyawpyiythtet
Diogo Real - https://diogoreal.com - https://twitter.com/c0rtePentest
Bill Ben Haim - https://il.linkedin.com/in/bill-ben-haim-b6775a48
Shubham Garg
Jens Wagner - https://www.linkedin.com/in/jens-wagner-3792103/
Anti Räis - https://www.clarifiedsecurity.com/
Raneesh R - https://twitter.com/raneesh_ravi - https://www.linkedin.com/in/raneeshravi
Alan Richardson - www.eviltester.com
Rhishikesh M V
Michele Toccagni - hacktips.it
Andres Liiver - https://www.clarifiedsecurity.com/
Safwat Refaat
Rajesh Tewari https://www.linkedin.com/in/rajesh-tewari-188324111/
Robert Wiggins
Tibin Sunny - https://www.facebook.com/TibinSunny95 - https://twitter.com/TibinSunny1
Adel Boutine - https://www.openbugbounty.org/researchers/OOS/
Andrew Suters- University of Technology, Sydney | Cyber Security Society
Robert Wiggins - https://xsses.rocks/blog/
Ricardo Almeida
Ashish Kumar
atmon3r (Twitter:@atmon3r)
Chirag Gupta - https://www.linkedin.com/in/chiraggupta8769 - www.Twitter.com/chiraggupta8769 - chiraggupta8769@gmail.com
Prathamesh Joshi - https://www.facebook.com/pathya.joshi - @pr4th4m_joshi
Mohammed Shameem Shahnawaz - @_M_Shahnawaz - https://www.linkedin.com/in/mohdshameem36/
Dawood Ansar
Ashu Jain
Yassine Nafiai - @Ynafiai
Gonnabathula Vaishno Chaitanya - https://www.linkedin.com/in/gvaishno/ - https://twitter.com/ghoststarops
Zeba Naaz - https://www.linkedin.com/in/zeba-naaz-178212138/ - zebanaaz2203@gmail.com
Djaber Djoukhrab - www.facebook.com/djrootdz
Dadou bendjedidi (Dadou Dz , https://www.facebook.com/Mister.DadouDz )
Havoc Guhan - https://fb.com/havocgwen
Alessandro Brucato - alessandro.brucato@protonmail.com - https://www.linkedin.com/in/alessandro-brucato/
Gonnabathula Vaishno Chaitanya - https://twitter.com/ghoststarops - https://www.linkedin.com/in/gvaishno/
Shubham Maheshwari - https://www.linkedin.com/in/shubham-maheshwari-83065b113/
Rounak Dhadiwal (Intern at HackersEra Cyber Security Consultancy PVT Ltd) www.linkedin.com/in/rounak-dhadiwal-hacker999
Renwa - https://twitter.com/RenwaX23
Kirtikumar Anandrao Ramchandani - https://www.linkedin.com/in/kirtikumar-anandrao-ramchandani-ba949b153
Cosmin Ciobanu
Thrivikram Gujarathi - https://www.linkedin.com/in/thrivikram-gujarathi-independent-web-penetration-tester-53074796
Muhammad Muhaddis - http://www.muhaddis.info
JHANG JHE YU - @honcbb
Adrien Jeanneau - Security Consultant - @Synetis
Alexis Laborier https://fr.linkedin.com/in/alexis-laborier-b3544b132
Timothée Menochet - Security Consultant @Synetis
Oladigbolu, Shuaib Abidemi - twitter:@_sawzeeyy
Youssef ABYAA - twitter.com/josef0x
Ifrah Iman - ifrahiman99@gmail.com
Nicolas Francois Aka MiaouuuuX - ( https://linkedin.com/in/nicolas-francois-a570b643/)
Mehul Patil
Shivam Pandya
Ankur Pandey (https://www.linkedin.com/in/ankur-pandey-07ab3b54/)
Samet SAHIN (Twitter: @F4LCONE_ Linkedin: sametsahinn)
Tarık A. Konuşkan
Taha Smily (https://twitter.com/TahakhanTaha)
Mahesh Raykar (https://www.linkedin.com/in/maheshraykar1997/)
Aditya Jadhav - www.securecyberfuture.com
JT__- (@0x4a545f5f2d)
Emad Shanab (@*Alra3ees*)
Nick Kelley
Vikash Chaudhary (CEO & Founder at HackersEra Cyber Security Consultancy PVT Ltd) - https://www.linkedin.com/in/vikash-chaudhary-796a44120/ - www.hackersera.com
Sweepatic (info@sweepatic.com, https://www.sweepatic.com, @sweepatic)
Yassine Nafiai (www.facebook.com/yassine.nafiai.1 | twitter.com/YNafiai)
Suresh Narvaneni (https://www.linkedin.com/in/mrreboot/)
Chandrashekar Masapaka (https://www.facebook.com/Chandrashekar.Mas)
Lacroute Serge (https://twitter.com/fakessh)
Akash Labade (https://twitter.com/AkashLabde3, https://www.linkedin.com/in/akash-labade-9463a8111)
Rohit Dalvi Twitter :- twitter.com/dalvia62
Aamir Rehman Yousafzai Lead Penetration Tester @ JAZZ HQ Islamabad. fb: https://web.facebook.com/yousafzian2
Himanshu rahi <hunny.rahi55@gmail.com>
SHWETABH SUMAN ( @SHWETABHSUMAN11 ) - https://www.facebook.com/profile.php?id=100011024580051
Lewis, https://twitter.com/LewisBugBounty
Athul Jayaram (@athuljayaram) - https://www.linkedin.com/in/athuljayaram - http://athuljayaram.com
SHWETABH SUMAN ( @SHWETABHSUMAN11 ) - https://www.facebook.com/profile.php?id=100011024580051
MOHAMMED ADEL - https://www.facebook.com/xXalreshyxX
Akshay Prashant Borase <mr.akshayborase@gmail.com>
Zvi Dolgov ENGINEER, NETWORK CONSULTING zdolgov@cisco.com
Piyush Soni
Sajibe Kanti - @Sajibekantibd
Zvi Dolgov
İsmail BÜLBÜL (Uluslararası Siber Güvenlik Federasyonu - www.usgf.org.tr)
Luigi Gubello - twitter.com/1005458
Vasim Shaikh - https://www.linkedin.com/in/vasim-shaikh-094507110?trk=hp-identity-name
Richard Alviarez (@Queseguridad)
Tansel ÇETIN
Silvia Väli (https://www.clarifiedsecurity.com/silvia-vali/)
Cameron Dawe
Wen Bin KONG - (@kongwenbin - https://linkedin.com/in/kongwenbin)
Martin Thirup Christensen - https://twitter.com/Mthirup
Liam Somerville - https://www.linkedin.com/in/liamsomerville/
Steven (@Keritzy)
Anti Räis - Clarified Security
Sadik Shaikh - https://www.extremehacking.org
Dardan Prebreza
Florian Charbonneau - https://twitter.com/DrStache_
Nitesh Sharma - https://www.linkedin.com/in/niteshusharma
Adesh Nandkishor Kolte facebook.com/kolteadesh
Doğukan Karaciğer https://twitter.com/ <https://twitter.com/Karacigerdogu>
Sadik Shaikh https://www.extremehacking.org
Jolan Saluria
Fidan Hakaj - (@fdnhkj - https://www.linkedin.com/in/fidan-hakaj/)
Damian Ebelties
CDL (@sxcurity of Project Insecurity - https://insecurity.zone/)
Alyssa Herrera (https://www.linkedin.com/in/Alyssa-O-Herrera)
Vipin Chaudhary (@vipinxsec )
Nagaraju Repala (@nagarockshard)
Konduru Jashwanth
Lewis Wildgoose (@LewisWildgoose)
David Castro (SadFud) - https://www.linkedin.com/in/david-castro-valdeolmillos-a0048311a/
Hamit Abiş
Cem Onat Karagün (@cemonatk)
Sander Van Dooren
Amine Hm (facebook.com/AMiN3.HM)
Honc - honcbb@gmail.com
Anas Laabab - @ANAS_L44B4B
Suhas Gaikwad
Marko Belzetski of Clarified Security
Sreedeep.Ck Alavil Kerala Police Cyber Dome Volunteers Commander www.facebook.com/Hacker.Sreedeep.Ck
Vishal Shukla https://www.facebook.com/shukla304
Alec Blance (blancealec1@gmail.com) www.facebook.com/alec.blance
SaifAllah benMassaoud « FB/WhiteHatSecuri & @benmassaou »
Evan Ricafort (@evanricafort) www.evanricafort.com
Md. Nur A Alam Dipu (depu1994@gmail.com)
Taavi Sonets (taavi@clarifiedsecurity.com) CLARIFIEDSECURITY
Nirmal Thapa (twitter.com/nirmal_4n_)
Aamir Rehman Lead Penetration Tester @Mobilink HQ Islamabad. fb: https://web.facebook.com/yousafzian2
Vishal Shukla https://www.facebook.com/shukla304
Elar Lang / Clarified Security
Max Derrick (twitter.com/Max1noz)
Mohd Aqeel Ahmed (www.fb.com/Ciph3r00t)
Raad Firas Haddad (Contact information : @raadfhaddad - raadfhaddad@gmail.com)
Jayson Vasquez Rubio
Antonio Cannito (ant.cannito[@]gmail.com - https://www.facebook.com/antonio.cannito.banzi)
Squnity (squnity.com)
Kyaw Thiha (https://www.linkedin.com/in/kyawthiha89)
Cristian Joseph D. Legacion - Web Security Researcher (https://www.facebook.com/cj.legacion10)
Yassine Algangaf - Attack prevention mechanisms Reseacher and proof of concepts developer
Karl Kristjan Raik - Clarified Security
Georges Taupin - Security Consultant @Synetis (www.synetis.com)
Arbin Godar
Ahmad Amjad Alfoqha'a
Mohamed Osman Saeed - DTS Solution
Mert Tasci
Mohamed Abdelbaset Elnoby - Seekurity Inc.
Jaanus Kääp
Mohammed Chamli - Government Laboratory
Ayoub Ait Elmokhtar
Fabien Dromas - Security Consultant @Synetis
Adria Romero from Enxampat
Rio Sherri (Infogen AL)
Yann CAM - Security Consultant @ASafety - Synetis
Djaballah Mohamed Taher
Hamza Bachikh (Alhamdulillah) (@miZo_Rayk)
Maximilian Kretschmer D.S.K Datensicherheit Kretschmer UG
Michal Koczwara and Siavosh Zarrasvand
Ketankumar B. Godhani (@KBGodhani)
Lawrence Amer from Vulnerability Lab (www.vulnerability-lab.com)
Jose Carlos Exposito Bueno from Internet Security Auditors
Marcin Szydlowski
Vincent Malguy
Florian Kunushevci
Roberto Zanga
Rahul Kankrale
Ahmed Adel Abdelfattah
Ali Tabish
Ahmet Omeroglu
Mahmoud Abdal Azez
Mustafa Hasan
Karol Celiński from Immunity Systems Sp. z o.o.
BALAJI P R from infoseclabs.in
Hadji Samir from Vulnerability Lab (www.vulnerability-lab.com)
Roy Jansen
CERT-EU Responsible Disclosure Policy
What to report to CERT-EU:
Security Incidents and Vulnerabilities, which occur in software components, protocols, or hardware of websites or systems of EU Institutions Agencies or Bodies, and may affect significant number of users and/or critical infrastructure.
Vulnerability reporting policy:
CERT-EU reserves the right to accept or reject any vulnerability disclosure report at its discretion, based on the following general criteria:
- Pre-disclosure handling of the potentially sensitive vulnerability
details:
- The vulnerability should have not already been publicly disclosed.
- It is important to report the vulnerability as quickly as possible after its discovery.
- Even after reporting the vulnerability, no information on the security problem should be shared with others until the incident has been processed and resolved. Failure to comply with this requirement may result in the reported being removed from the CERT-EU Hall of Fame.
- The vulnerability finding must be new and severe enough to be considered as eligible for a mention in the Hall of Fame of CERT-EU. The severity of a vulnerability finding is assessed by CERT-EU at its own discretion. CERT-EU reserves the right to reject reports of vulnerabilities, which have already been previously reported.
Vulnerability reporting instructions:
- E-mail your findings to reports (at) cert.europa.eu.
- Encrypt your email using the PGP key available on CERT-EU website
- Provide as much information as possible regarding the finding, in order for CERT-EU to handle the incident as efficiently as possible.
If more information is required, CERT-EU will contact the reporter, therefore any contact details (email address and telephone number) should be valid.
If the previously mentioned conditions are satisfied, CERT-EU will proceed with notification to the impacted party. Once the issue has been fixed or no later than 3 months since the initial report, the reporter may be mentioned (at his own discretion) in the Hall of Fame of CERT-EU (this page) with a short description of the type of vulnerability reported.
Info
This website is managed by CERT-EU. Find out more about us.
For questions or comments, please contact us at:
email: cert-eu@ec.europa.eu
PGP Fingerprint: CBD6 07BA 59AC 4462 B98F 8DB2 32AB 2903 830D ACB8
Emergency phone: +3222990005
Tools
Monday, May 20, 2019
12:57:00 PM CEST
Edition
Edition: 1
