Coordinated and Responsible Vulnerability Disclosure Free Bug Bounty Program 266,899 coordinated disclosures
156,714 fixed vulnerabilities
214,964 websites, 17,468 VIP websites
7,173 researchers, 6,915 subscribers

MLT Top Security Researcher Top VIP Security Researcher of the Month | Security Researcher Profile


Security researcher MLT has already helped fix 1953 vulnerabilities.



Researcher reputation:  20

Real name:
Matt Telfer

About me:
In the past, I've attempted to focus on only securing the top sites (gov, military, large corporations).

I see users here making thousands of dollars by making reports to smaller sites, meanwhile, these large corporations have *NEVER* rewarded me with the exception of one company that I won't name.

Time to give you smaller guys a chance, hopefully I'll see some more generosity when you're not a huge corporation who puts profit over user safety.

How to contact me:
Email: [email protected]

(BTW, if you're wondering about my lack of recommendations. That's because I choose not to accept them on the page. These tabs should be collapsible for better UI)

Alternative Contacts:
http://twitter.com/insecurity
[email protected] (XMPP)

Certifications & Diplomas:
OSCP
CEH (Certified Ethical hacker)
Masters Degree in cybersecurity (first class hons)
CCNA

Experience in Application Security
over 5 years

Award / Bug Bounty I prefer:
$$$ (PayPal/Bitcoin), Amazon Vouchers, swag, HoF.
No reward necessary for my time, but much appreciated if you do choose to reward me. Need help patching any bugs I report Feel free to contact me!

Halls of Fame:
For high-profile sites, see my featured/VIP submissions:

https://openbugbounty.org/researchers/MLT/featured/
https://openbugbounty.org/researchers/MLT/VIP/

Recommendations and Acknowledgements

    9 March, 2016
     zothar David Sowder from UT Arlington:
MLT responded with the relevant details in a reasonable amount of time. Our thanks to MLT for providing this information.

Please login via Twitter to add a recommendation

Awards and Achievements


Number of Secured Websites

10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN
1000+ Websites

Advanced Security Research

WAF Bypasser
CSRF Master
30+ Reports
AppSec Logic Master
30+ Reports
Fastest Fix
Fix in 24 hours

Outstanding Achievements

Secured OBB
OBB Advocate
Improved OBB

Commitment to Remediate and Patch

Patch Master
55% Patched
Patch Guru
65% Patched
Patch Lord
75% Patched

Recommendations and Recognition

REPUTABLE
10+ Recommends
FAMOUS
25+ Recommends
GLOBALLY TRUSTED
50+ Recommends

Research Statistics



Total reports:2532
Total reports on VIP sites:363
Total patched vulnerabilities:1953
Recommendations received:1
Active since:28.02.2015
Top Security Researcher Awards: The Top Security Researcher Top Security Researcher of the Month Top Security Researcher of the Month
Top VIP Security Researcher Awards: Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week

Open Bug Bounty Certificate



Reported Vulnerabilities

All Submissions VIP SubmissionsFeatured Submissions

Domain Reported Status Type
25.02.2018
patched
Cross Site Scripting
25.02.2018
unpatched
Cross Site Scripting
25.02.2018
unpatched
Cross Site Scripting
14.06.2017
unpatched
Cross Site Scripting
14.06.2017
unpatched
Cross Site Scripting
14.06.2017
patched
Cross Site Scripting
14.06.2017
patched
Cross Site Scripting
14.06.2017
patched
Cross Site Scripting
14.06.2017
patched
Cross Site Scripting
14.06.2017
patched
Cross Site Scripting
14.06.2017
patched
Cross Site Scripting
14.06.2017
patched
Cross Site Scripting
14.06.2017
patched
Cross Site Scripting
14.06.2017
patched
Cross Site Scripting
14.06.2017
patched
Cross Site Scripting
14.06.2017
patched
Cross Site Scripting
12.06.2017
patched
Cross Site Scripting
12.06.2017
unpatched
Cross Site Scripting
12.06.2017
unpatched
Cross Site Scripting
12.06.2017
patched
Cross Site Scripting

  Latest Patched

      radio.net
    Patched on 18.09.2018
      storyblocks.com
    Patched on 18.09.2018
      rubylane.com
    Patched on 18.09.2018
      usp.br
    Patched on 18.09.2018
      epson.eu
    Patched on 18.09.2018
      qnap.com
    Patched on 18.09.2018
      templatemonster.com
    Patched on 18.09.2018
      kidshealth.org
    Patched on 17.09.2018
      ibm.com
    Patched on 17.09.2018
      iimjobs.com
    Patched on 17.09.2018

  Recent Recommendations

    18 September, 2018
     iwayAG:
Thanks for the detailed report and the fast ans competent communication.
    18 September, 2018
     WebMore2:
Vielen Dank Armin für die gemeldete Schwachstelle. Wir könnten diese anhand deiner umfangreichen Informationen direkt beheben.
    18 September, 2018
     bencus23:
Thank you very much Rui for informing us about XSS (Cross Site Scripting) problem! You really helped us a lot! Big thanks!
    17 September, 2018
     DCB_Singapore:
I would like to thank Taha for his help to discover the security in our website, without his help we couldn't locate it or even solve it.

Many thanks.
    17 September, 2018
     RajatAr51352684:
thanks a lot for reporting security vulnerability in our website. Great work and very supportive in case of additional questions.