List of Y Combinator companies I have worked with(hacked)

Manish Uncategorized

Background:

I have worked with lots of companies as security consultant through bug bounties either I asked them if they need my service or they approached. I’m a big fan of Paul’s essay, Hacker News, Startup School and YC as a whole, so thought to document my contribution to YC(nothing technical, just a list).

I have worked with these companies in their early stage to resolve security issues with their websites:

  1. Xobni (S06) :   Acquired by Yahoo later. Found account take over CSRF in setting page. Got Yahoo swags.
  2. Dropbox (S07):  Multiple bugs in the mailbox and other acquisitions. Got listed on Special Thanks page, swags and 100GB.
  3. Disqus (S07):  Got stickers and swags.(Can’t find the mail, don’t remember the issues)
  4. Heroku(W08):  Screen Shot 2015-10-28 at 11.49.39 am
  5. WePay (S09):  Participated in their bug bounty program on Hackerone.
  6. Olark (S09):    Screen Shot 2015-10-28 at 11.58.44 am
  7. Mixpanel(S09): Screen Shot 2015-10-28 at 12.02.29 pm
  8. Stripe(S10):Screen Shot 2015-10-28 at 12.06.52 pm
  9. PagerDuty(S10): Multiple issues,Multiple swags Screen Shot 2015-10-28 at 12.11.04 pm
  10. Hipmunk(S10): Just realized, I was discussing stuff with Steve Huffman 🙂 Screen Shot 2015-10-28 at 12.15.14 pm
  11. Chart.io(S10): Screen Shot 2015-10-28 at 12.20.16 pm
  12. Mailgun(W11): Screen Shot 2015-10-28 at 12.24.17 pm
  13. DR Chrono(W11): Worked with CEO directly and got handsomely rewarded for my work.
  14. Parse(S11):  Yes, Parse CEO said thisScreen Shot 2015-10-28 at 12.33.19 pm
  15. Firebase(S11): Screen Shot 2015-10-28 at 12.36.45 pm
  16. Instacart(S12):   Through private bug bounty
  17. Easel.io(S12):  Acquired by Github, reported multiple issues. Special Thanks page on Github.
  18. Coinbase(S12): Through public bug bounty on Hackerone.
  19. Clever(S12): Screen Shot 2015-10-28 at 12.45.16 pm
  20. Zenefits(W13): Through private Bug bounty.
  21. Heap Analytics(W13): Screen Shot 2015-10-28 at 12.49.59 pm
  22. TrueVault(W14): Screen Shot 2015-10-28 at 12.54.42 pm
  23. Algolia(W14): still have lots of Algolia stickers 🙂
  24. Gitlab(W15): Listed on Acknowledgement page.
  25. Hacker News: Yup, Y Combinator itself. You can find me on their thanks page.

Look like that’s it for now.

so 25, not bad! BTW I am no ninja hacker, most of the stuff are the same task just another website. I have been a jerk professionally (in responding emails), sometimes I didn’t know the tech celebrity I’m talking with, for e.g Steve Huffman, IIya sukar.

I can help with basic web application testing but crowdsourcing your security is the best way to stay updated.

Any questions, suggestions or want to hire me? I’m at bhattacharya.manish7@gmail.com

Logging off

Manish

Edit: This list has grown up to 120+, I’m not maintaining this list anymore!

5 thoughts on “List of Y Combinator companies I have worked with(hacked)

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s