HackerOne 2024 report – 161 vulnerabilities reported

In the dynamic realm of cybersecurity, one figure has emerged as a standout performer in 2024: the enigmatic @19whoami19.

This digital virtuoso, affectionately dubbed the “Cardinal” for their keen eye and precision, has made significant strides on HackerOne, reporting a remarkable 161 vulnerabilities throughout the year.

Starting the year with a modest 14 submissions in January, @19whoami19’s trajectory quickly accelerated. By June, they had hit a peak with 50 new submissions, showcasing their relentless dedication to uncovering security flaws.

The culmination of their efforts was evident by November, with 256 reports filed, underscoring their commitment to enhancing cybersecurity.

Mastery in Vulnerability Detection

@19whoami19 has distinguished itself with an exceptional ability to identify Information Disclosure vulnerabilities, uncovering 111 such issues over the year.

Their expertise doesn’t stop there; they have also made significant findings in Code Injection (32 reports) and maintained a balanced approach with Cross-site Scripting and Improper Access Control vulnerabilities (12 each).

The severity of their reports further highlights their skill and understanding of security impacts.

Throughout 2024, they identified 21 critical vulnerabilities, with July particularly noteworthy due to eight critical discoveries.

Medium-severity issues formed the core of their submissions, while high-severity findings peaked in October with 11 reports.

A Specialist in Web Security

Focusing primarily on web applications, @19whoami19 has submitted an impressive 229 reports in this category.

Ventures into network security and explorations in mobile and binary analysis complement their specialization in this domain.

This diverse skill set underscores their versatility and deep understanding of various platforms.

Legend has it that within the digital forest resides @19whoami19, a Cardinal whose unique abilities allow them to navigate complex web applications seamlessly.

With their specialized skills, they have become adept at identifying vulnerabilities like digital seeds scattered across the code landscape.

Notably, during one intense session in July, they discovered eight critical vulnerabilities, earning accolades from the hacker community.

Also Read: