Report a Vulnerability
Submit, help fixing, get kudos.
Start a Bug Bounty
Run your bounty program for free.
744,804 coordinated disclosures
437,193 fixed vulnerabilities
1146 bug bounties with 2,198 websites
20,644 researchers, 1257 honor badges

Rbcafe | Security Researcher Profile

Security researcher Rbcafe has already helped fix 422 vulnerabilities.

Researcher reputation:  240

Real name:

About me:
Security & Development. #Rbcafe #BugBounty #macOS

How to contact me:
- [email protected]

Alternative Contacts:

Experience in Application Security
over 5 years

Award / Bug Bounty I prefer:
- PayPal. ([email protected])
- Bitcoin. (1ETT8rt95FmkMWTvyC8qXny7k8QJyHZEZT)
- Swag.

Follow me on:

Recommendations and Acknowledgements

@arussellmorris     27 November, 2020
    Twitter arussellmorris Russell from
Thanks to Rbcafe for a responsible disclosure, good repro steps, and also remediation advice
@TristanGuiheux     23 July, 2020
    Twitter TristanGuiheux tristanguiheux from LA POSTE:
Rbcafe nous a aidés à plusieurs reprises à trouver et à résoudre certains problèmes sur les sites web que nous protégeons. Ce type d'aide est très apprécié du point de vue de la sécurité. Nous pouvons ainsi nous améliorer et protéger nos clients. En outre, la relation établie dans le cadre d'une divulgation pleinement responsable est également très appréciée. Au-delà de la technique, nous avons également une bonne relation et une bonne confiance lorsqu'une alerte est portée à nos oreilles par Rbcafe (nous savons qu'elle est réelle et qu'il faut y répondre). Merci encore en mon nom.

Rbcafe has helped us many times to find and fix some issues on web sites we're protecting. This kind of help is greatly appreciated from a security perspective. This way we can improve ourselves and protect our customers. Moreover the relationship established in a fully responsible disclosure is also greatly appreciated. Thanks again in my name.
@tohtech_issc     15 March, 2019
    Twitter tohtech_issc Information Systems Service Center from Tohoku Institute of Technology:
I greatly appreciate your support for this time.
Your advice was very helpful.
@sczid     2 November, 2020
    Twitter sczid Zentraler Informatikdienst from University of Vienna:
Dear Rbcafe,

The University of Vienna would like to thank you for your valuable contribution in finding multiple website security issues.

Your input is highly welcome and helps to raise the security level of our educational institution.

Servus and greetings from Vienna, Austria.
@notedekd     15 October, 2020
    Twitter notedekd Waroros from Dogilike:
Thank you very much for XSS report. Very helpful information provided.
@RssiUrca     20 January, 2020
    Twitter RssiUrca RSSI from URCA:
Thank you for this 4 reports. we appreciate this communication from you.
@ukegawa     24 September, 2019
    Twitter ukegawa ukegawa from kurogo:
Thank you for the report! We appreciate it.
@Untanux     22 August, 2019
    Twitter Untanux Antanas from VDU:
Thank you for the report! We appreciate it.
@nitrc_info     18 July, 2019
    Twitter nitrc_info NITRC Team from NITRC:
Thanks to Rbcafe for identifying and reporting a vulnerability!
@mossifer     14 July, 2019
    Twitter mossifer Jennifer from
Thank you for the report! We appreciate it.

Shows the first 10 recommendations. See all.

Please login via Twitter to add a recommendation

Honor Badges

Number of Secured Websites

10+ Secured Websites Badge
50+ Secured Websites Badge
500+ Secured Websites Badge
Web Security Veteran Badge
10+ Websites
50+ Websites
500+ Websites
1000+ Websites

Advanced Security Research

WAF Bypasser Badge
CSRF Master Badge
AppSec Logic Master Badge
Fastest Fix Badge
WAF Bypasser
CSRF Master
30+ Reports
AppSec Logic Master
30+ Reports
Fastest Fix
Fix in 24 hours

Outstanding Achievements

Secured OBB Badge
OBB Advocate Badge
Improved OBB Badge
Secured OBB
OBB Advocate
Improved OBB

Commitment to Remediate and Patch

Patch Master Badge
Patch Guru Badge
Patch Lord Badge
Patch Master
55% Patched
Patch Guru
65% Patched
Patch Lord
75% Patched

Recommendations and Recognition

10+ Recommends
25+ Recommends
50+ Recommends

Distinguished Blog Author

Distinguished Blog Author Badge
Distinguished Blog Author Badge
Distinguished Blog Author Badge
1 Post
3 Posts
5+ Posts

Research Statistics

Total reports:2374
Total reports on VIP sites:395
Total patched vulnerabilities:422
Total vulnerabilities on Hold (Open Bug Bounty):253
Recommendations received:11
Active since:07.07.2018
Top VIP Security Researcher Awards: Top VIP Security Researcher of the Week

Open Bug Bounty Certificate

Researcher Certificate

No posts in blog yet

Reported Vulnerabilities

All Submissions VIP SubmissionsFeatured Submissions

  Latest Patched


  Latest Blog Posts

25.12.2020 by _Y000_
How to bypass mod_security (WAF)
10.12.2020 by _Y000_
sql injection to bypass Mod_Security
10.12.2020 by _Y000_
Create encoded sql payloads
26.10.2020 by _r00t1ng_
Bypass Addslashes using Multibyte Character
26.10.2020 by _r00t1ng_
One Payload to Inject them all - MultiQuery Injection

  Recent Recommendations

@sproutinvoices     20 January, 2021
    Twitter sproutinvoices:
Thanks for pointing out the phpinfo.php file, it was something I forgot about - appreciate it!
@p_lucena     20 January, 2021
    Twitter p_lucena:
Profissional dedicado, ja me deu varias recomendacoes de seguranca que me evitaram ser vitima de golpes digitais, conhece muito do que fala em ciberseguranca
@fourzuk     20 January, 2021
    Twitter fourzuk:
He helped me a lot in the solution to fix my site i really appreciate
@juniorfn     20 January, 2021
    Twitter juniorfn:
The guy is the best in his field. Very competent, helpful, and play by the rules.
I'm grateful to worked with him and see the man in action.
I recommend his job.
@asgardchannel     20 January, 2021
    Twitter asgardchannel:
Very professional, solved a bug in my company system that no one was able to do it. I recommend him.