Open Bug Bounty selected among the
Top 5 Bug Bounty programs to watch
in 2021 by The Hacker News

For security researchers
Report a Vulnerability
Submit, help fixing, get kudos.
For website owners
Start a Bug Bounty
Run your bounty program for free.
934,372 coordinated disclosures
557,172 fixed vulnerabilities
1301 bug bounties with 2,601 websites
22,323 researchers, 1293 honor badges

Luke | Security Researcher Profile

Security researcher Luke has already helped fix 63 vulnerabilities.

Researcher reputation:  20

Real name:

About me:
University Student & Security Researcher

All bugs found are held for 12 weeks before being disclosed. This is to protect the end company and myself.

Contact email:
email: [email protected]

Alternative Contacts:
Contacting me via email is the best way to get a fast response, however you may DM me on twitter.

Certifications & Diplomas:
BTEC Extended Diploma in Computing and Software Development.

Experience in Application Security
1-3 years

Award / Bug Bounty I prefer:
A recommendation on my profile is perfect, however if you're feeling extra generous you could send me a cool t-shirt or maybe some cash via PayPal or BTC to help me finance my University fees.

Halls of Fame:
Tesla Motors
Ubiquiti Networks
Rockstar games

Follow me on:

Recommendations and Acknowledgements

@LilitheLotor     14 May, 2017
    Twitter LilitheLotor Lilithe Lotor from Personal Website:
Lucas found an XSS in a script I made a long time ago. Really appreciate it as those old pieces of code can be targets!

I coded it over a lunch hour in 2010 but I should have known better. Never trust user inputs! I fixed up the code myself and I appreciate Luke's help.
@ole_morten     4 April, 2017
    Twitter ole_morten Ole Amundsen from Paladin Software:
Luke found some XSS vulnerabilities and reported them. We reached out and he is a polite and respectful, clearly describing the problem. And we fixed it. We are not happy about any security holes, but when they are there I am very happy that great people with integrity finds it and not those that want to cause sufferings. Thanks Luke!

Please login via Twitter to add a recommendation

Honor Badges

Number of Secured Websites

10+ Secured Websites Badge
50+ Secured Websites Badge
500+ Secured Websites Badge
Web Security Veteran Badge
10+ Websites
50+ Websites
500+ Websites
1000+ Websites

Advanced Security Research

WAF Bypasser Badge
CSRF Master Badge
AppSec Logic Master Badge
Fastest Fix Badge
WAF Bypasser
CSRF Master
30+ Reports
AppSec Logic Master
30+ Reports
Fastest Fix
Fix in 24 hours

Outstanding Achievements

Secured OBB Badge
OBB Advocate Badge
Improved OBB Badge
Secured OBB
OBB Advocate
Improved OBB

Commitment to Remediate and Patch

Patch Master Badge
Patch Guru Badge
Patch Lord Badge
Patch Master
55% Patched
Patch Guru
65% Patched
Patch Lord
75% Patched

Recommendations and Recognition

10+ Recommends
25+ Recommends
50+ Recommends

Distinguished Blog Author

Distinguished Blog Author Badge
Distinguished Blog Author Badge
Distinguished Blog Author Badge
1 Post
3 Posts
5+ Posts

Research Statistics

Total reports:133
Total reports on VIP sites:14
Total patched vulnerabilities:63
Recommendations received:2
Active since:01.03.2017

Open Bug Bounty Certificate

Researcher Certificate

Reported Vulnerabilities

All Submissions VIP SubmissionsFeatured Submissions

No posts in blog yet

  Latest Patched


  Latest Blog Posts

11.04.2021 by Open Bug Bounty
Better Notifications Mechanism
28.03.2021 by febin_rev
Windows Stack Buffer Overflow in a real life app — Exploit development — CloudMe_1.11.2 Buffer Overflow-CVE-2018–6892
10.02.2021 by Renzi25031469
Sysadminotaur nº88
10.02.2021 by Open Bug Bounty
Higher Submissions Quality Standard
25.12.2020 by _Y000_
How to bypass mod_security (WAF)

  Recent Recommendations

@MrMoney84315336     16 April, 2021
    Twitter MrMoney84315336:
Serious, fast and professional.Thanks for the report.
@studentdoctor     14 April, 2021
    Twitter studentdoctor:
Rngdr4 is an absolute professional. Very helpful in finding and helping to resolve our bug. Highly recommended! Thanks, rngdr4!
@lmanunza     13 April, 2021
    Twitter lmanunza:
Pooja found an XSS vulnerability in our website and acted ethically by reporting it to us, as well as providing all the information we needed to reproduce and fix the issue in a timely manner. Thank you very much!
@MrMoney84315336     13 April, 2021
    Twitter MrMoney84315336:
Thank you for reporting the XSS issue.
Thanks to the detailed report, we were able to fix the problem on the same day.
@Daniel_Gruber     12 April, 2021
    Twitter Daniel_Gruber:
Thanks for reporting the XSS problem at my websites and the open source software I am developing metamorfosec.