List of Y Combinator companies I have worked with(hacked)


I have worked with lots of companies as security consultant through bug bounties either I asked them if they need my service or they approached. I’m a big fan of Paul’s essay, Hacker News , Startup School and YC as a whole, so thought to document my contribution to YC(nothing technical, just a list).

I have worked with these companies in their early stage to resolve security issues with their websites:

  1. Xobni (S06) :   Acquired by Yahoo later. Found account take over CSRF in setting page. Got Yahoo swags.
  2. Dropbox (S07):  Multiple bugs in mailbox and other acquisitions. Got listed on Special Thanks page,swags and 100GB.
  3. Disqus (S07):  Got stickers and swags.(Can’t find the mail, don’t remember the issues)
  4. Heroku(W08):  Screen Shot 2015-10-28 at 11.49.39 am
  5. WePay (S09):  Participated in their bug bounty program on Hackerone.
  6. Olark (S09):    Screen Shot 2015-10-28 at 11.58.44 am
  7. Mixpanel(S09): Screen Shot 2015-10-28 at 12.02.29 pm
  8. Stripe(S10):Screen Shot 2015-10-28 at 12.06.52 pm
  9. PagerDuty(S10): Multiple issues,Multiple swags Screen Shot 2015-10-28 at 12.11.04 pm
  10. Hipmunk(S10): Just realized, I was discussing stuff with Steve Huffman 🙂 Screen Shot 2015-10-28 at 12.15.14 pm
  11. Screen Shot 2015-10-28 at 12.20.16 pm
  12. Mailgun(W11): Screen Shot 2015-10-28 at 12.24.17 pm
  13. DR Chrono(W11): Worked with CEO directly and got handsomely rewarded for my work.
  14. Parse(S11):  Yes, Parse CEO said thisScreen Shot 2015-10-28 at 12.33.19 pm
  15. Firebase(S11): Screen Shot 2015-10-28 at 12.36.45 pm
  16. Instacart(S12):   Through private bug bounty
  17.  Acquired by Github, reported multiple issues. Special Thanks page on Github.
  18. Coinbase(S12): Through public bug bounty on hackerone.
  19. Clever(S12): Screen Shot 2015-10-28 at 12.45.16 pm
  20. Zenefits(W13): Through private Bug bounty.
  21. Heap Analytics(W13): Screen Shot 2015-10-28 at 12.49.59 pm
  22. TrueVault(W14): Screen Shot 2015-10-28 at 12.54.42 pm
  23. Algolia(W14): still have lots of algolia stickers 🙂
  24. Gitlab(W15): Listed on Acknowledgement page.
  25. Hacker News : Yup, Y combinator itself. You can find me on their thanks page.

Look like that’s it for now.

so 25, not bad ! BTW I am no ninja hacker, most of the stuff are same task just other website. I have been a jerk professionally (in responding mails), sometime I didn’t knew the tech celebrity I’m talking with, for e.g Steve Huffman, IIya sukar.

I can help with basic web application testing but crowd sourcing your security is the best way to stay updated.

Any questions, suggestions or want to hire me ? I’m at

Logging off



5 thoughts on “List of Y Combinator companies I have worked with(hacked)

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s