Lewis | Security Researcher Profile
Security researcher Lewis has already helped fix 434 vulnerabilities.
Follow me on:
Twitter
Real name:
Lewis K
About me:
Infosecurity @ University - dont hesitate to shoot an email if I report something on your site; I always reply ]
How to contact me:
Email - [email protected]
Twitter - @Lewis
Experience in Application Security:
1-3 years
Award / Bug Bounty I prefer:
Thanks, freebies, hall of fame mentions or if you're feeling generous, paypal or bitcoin is extremely appreciated #studentlife
Halls of Fame:
Tesla
Microsoft
Mozu
(ISC)
Research Statistics
| OpenBugBounty Certificate | Download |
| Approved XSS vulnerabilities: | 863 |
| Approved XSS vulnerabilities on VIP websites: | 124 |
| Patched vulnerabilities: | 434 |
| Verified vulnerabilities on Hold (Open Bug Bounty): | 6 |
| Active since: | 08.06.2015 |
Awards and Achievements
Advanced Research and Outstanding Achievements
 |
 |
 |
 |
|
WAF Bypasser
|
Secured OBB
|
Bug Bounty Lord
|
Coordinated Disclosure
|
 |
|||
|
Fastest Fix
Fix in 24 hours
|
Number of Secured Websites
 |
|
|
 |
|
10+ Websites
|
50+ Websites
|
500+ Websites
|
WEB SECURITY VETERAN
1000+ Websites
|
Commitment to Responsible Disclosure
 |
|
|
|
|
Patch Master
70% Patched
|
Patch Guru
80% Patched
|
Patch Lord
90% Patched
|
Recommendations and Recognition
 |
|
|
|
|
REPUTABLE
30+ Recommends
|
FAMOUS
50+ Recommends
|
GLOBALLY TRUSTED
100+ Recommends
|
CSRF Craftsmanship
 |
|
|
|
|
CSRF Pro
10+ Reports
|
CSRF Master
50+ Reports
|
CSRF Guru
100+ Reports
|
Application Logic Craftsmanship
 |
|
|
|
|
AppSec Logic Pro
10+ Reports
|
AppSec Logic Master
50+ Reports
|
AppSec Logic Guru
100+ Reports
|
VIP Submissions
 |
 |
||
|
MADE WEB SAFER
250+ VIPs
|
SECURITY EVANGELIST
500+ VIPs
|
Quantity of Reports
 |
|
|
 |
|
10+ Reports
|
50+ Reports
|
500+ Reports
|
CYBERLORD
1000+ Reports
|
Recommendations and Acknowledgements
14 January, 2016
tjpoutanen
Lewis reported an XSS vulnerability on milq.com. I'm the CTO and received a report from xssposed. I emailed lewis and within minutes he responded with an example URI that would trigger the vulnerability and information on how to prevent it. Awesome.
I owe him and xssposed a big boatload of gratitude.
Reported Vulnerabilities
All Submissions VIP SubmissionsFeatured Submissions
| Domain | Reported | Status | Type |
|
06.05.2017
|
On Hold
|
XSS (Open Bug Bounty) |
|
|
06.05.2017
|
On Hold
|
OR (Open Bug Bounty) |
|
|
02.05.2017
|
On Hold
|
XSS (Open Bug Bounty) |
|
|
02.05.2017
|
On Hold
|
XSS (Open Bug Bounty) |
|
|
02.05.2017
|
On Hold
|
XSS (Open Bug Bounty) |
|
|
02.05.2017
|
On Hold
|
XSS (Open Bug Bounty) |
|
|
18.04.2017
|
unpatched
|
XSS (Open Bug Bounty)
|
|
|
18.04.2017
|
unpatched
|
XSS (Open Bug Bounty)
|
|
|
18.04.2017
|
unpatched
|
XSS (Open Bug Bounty)
|
|
|
16.04.2017
|
unpatched
|
XSS (Open Bug Bounty)
|
|
|
16.04.2017
|
unpatched
|
XSS (Open Bug Bounty)
|
|
|
15.03.2017
|
unpatched
|
XSS (Open Bug Bounty)
|
|
|
18.02.2017
|
unpatched
|
XSS (Open Bug Bounty)
|
|
|
18.02.2017
|
unpatched
|
XSS (Open Bug Bounty)
|
|
|
18.02.2017
|
unpatched
|
XSS (Open Bug Bounty)
|
|
|
09.02.2017
|
unpatched
|
XSS (Open Bug Bounty)
|
|
|
30.01.2017
|
unpatched
|
XSS (Open Bug Bounty)
|
|
|
22.11.2016
|
unpatched
|
XSS (Open Bug Bounty)
|
|
|
16.11.2016
|
patched
|
XSS (Open Bug Bounty)
|
|
|
26.09.2016
|
unpatched
|
XSS (Open Bug Bounty)
|
Please login via Twitter to add a recommendation