JamieSlome Follow

JamieSlome Follow

Focusing

Jamie Slome JamieSlome

Focusing

Co-founder & CTO @418sec

Follow

17 followers · 1 following · 6

418sec
London, United Kingdom
Sign in to view email
https://418sec.com
@JamieSlome

Highlights

Arctic Code Vault Contributor

Organizations

JamieSlome/README.md

Hi there, I'm Jamie 👋

🔭 I’m securing the world's open source code at 418sec
🌱 I’m currently learning about the importance of security in the open and how to bake a proper muffin 🧁
👯 I’m looking to collaborate on fixing and finding vulnerabilities in open source packages
💬 Ask me about open source bug bounty, startup entrepreneurship and A.I.
📫 How to reach me: @JamieSlome on Twitter or my LinkedIn
⚡ Fun fact: I co-authored a paper about autonomous vehicles - check it out here
🐞 Current project: I'm the lead developer for the bug bounty board, huntr

Pinned

418sec/huntr

📚 Open source resources related to huntr - the bug bounty platform

JavaScript 52 52

3,337 contributions in the last year

Activity overview

Contributed to 418sec/huntr, JamieSlome/JamieSlome, JamieSlome/testRepository and 5 other repositories

Contribution activity

November 2020

Created 627 commits in 2 repositories

Created 2 repositories

JamieSlome/huntr JavaScript Nov 12
JamieSlome/safe-flat JavaScript Nov 3

Opened 310 pull requests in 1 repository

418sec/huntr

308 merged 2 closed

Removing bounty assign.js (1) from the platform Nov 17
Removing bounty gson-pointer (1) from the platform Nov 17
Correcting disclosure date for hughsk/flat Nov 17
Removing bounty frappe-charts (1) from the platform Nov 16
Removing bounty objnest (1) from the platform Nov 16
Adding bounty for intervention/image (2) to the platform Nov 16
Adding bounty for intervention/image (1) to the platform Nov 16
Converting GitHub ID to username Nov 16
Returning other instead of null for failed get language in enricher Nov 16
Removing bounty traduora (3) from the platform Nov 16
Removing bounty @monabbous/unflatter (1) from the platform Nov 16
Removing bounty safe-flat (1) from the platform Nov 16
Removing bounty for @ianwalter/dot (1) from the platform Nov 16
Adding PR numbers for vulnerabilities to live Nov 13
Cross-site Scripting (XSS) in yidashi/yii2cmf (packagist) - 1 Nov 13
Cross-site Scripting (XSS) in villagedefrance/opencart-overclocked (packagist) - 1 Nov 13
E-mail Verification Bypass in userfrosting/userfrosting (packagist) - 3 Nov 13
Session Fixation in userfrosting/userfrosting (packagist) - 2 Nov 13
Lack of Rate Limiting in userfrosting/userfrosting (packagist) - 1 Nov 13
Cross-site Scripting (XSS) in symphonycms/symphony-2 (packagist) - 1 Nov 13
Cross-site Scripting (XSS) in sunhater/kcfinder (packagist) - 1 Nov 13
Cross-site Request Forgery (CSRF) in pyrocms/pyrocms (packagist) - 1 Nov 13
Cross-site Request Forgery (CSRF) in phppgadmin/phppgadmin (packagist) - 1 Nov 13
User Enumeration in pagekit/pagekit (packagist) - 1 Nov 13
Cross-site Scripting (XSS) in opencart/opencart (packagist) - 1 Nov 13
Some pull requests not shown.

Reviewed 6 pull requests in 1 repository

418sec/huntr 6 pull requests

Relative Path Traversal in Intervention/image Nov 16
WIP: Auto disclosure QA and merge Nov 12
Cross-Site-Scripting in PHPMailer Nov 10
Reflected XSS in - Laracom Nov 10
Fetch repository primary Codebase on enricher Nov 3
User name/email enumaration in - Mautic Nov 2

Created an issue in 418sec/huntr that received 5 comments

Handle null language in enricher

5 comments

Opened 10 other issues in 1 repository

418sec/huntr

7 open 3 closed

Check if the repository provided is a valid repo Nov 17
Update correct date of disclosure on GitHub Action Nov 16
Append Discloser on GitHub Action workflow Nov 13
Append PR number to vulnerability in Action Nov 12
Add PR number to vulnerability.json on disclosure merge Nov 12
Fork repository on disclosure merged Nov 12
Create GitHub issue on disclosure merge Nov 11
Consider auto-merge approaches for staging to master Nov 10
Add PR number to all vulnerability.json (historic) Nov 10
Remove all bounty.json Nov 10

41 contributions in private repositories Nov 3 – Nov 18

You can’t perform that action at this time.