Coordinated and Responsible Vulnerability Disclosure Free Bug Bounty Program 456,441 coordinated disclosures
244,448 fixed vulnerabilities
604 bug bounties with 1224 websites
12,323 researchers, 962 honor badges

k0t Top Security Researcher of the Month | Security Researcher Profile


Security researcher k0t has already helped fix 1738 vulnerabilities.



Researcher reputation:  1140

About me:
Penetration tester & webdev.

How to contact me:
[email protected]

Experience in Application Security
over 5 years

Award / Bug Bounty I prefer:
Bug Bounty Payment, Gift Card, T-Shirts.

Recommendations and Acknowledgements

    10 October, 2019
     ziduniwien Zentraler Informatikdienst from University of Vienna:
Dear k0t,

The University of Vienna would like to thank you for your valuable contribution in finding a website security issue.

Your input is highly welcome and helps to raise the security level of our educational institution.

Servus and greetings from Vienna, Austria.
    17 September, 2019
     pacotix Fran from Inxenio:
Thanks a lot for your finding!
    12 September, 2019
     phdev6 ph-dev from Peter Hahn:
k0t found a XSS Bug on our site, thanks for the research and the responsible disclosure!
    11 September, 2019
     westcacom Edwin from westca.com:
Thanks a lot for reporting a vulnerability on our website, you did an amazing work!
    7 September, 2019
     dusalnet blogmn.net from blogmn.net:
Thank you for identifying the XSS issue on my site! You have been very helpful!
    3 September, 2019
     runlevelone Per :
Thanks for your findings and swift response!
    31 August, 2019
     primehalo Ken from absoluteanime:
Thank you for the help!
    22 August, 2019
     SelectLine_GmbH Web-Team from SelectLine Software GmbH:
Thanks for pointing out a vulnerability on one of our websites. And for the professional support.
    14 August, 2019
     convertunits John from Convert Units:
Great job finding a vulnerability. I have fixed the issue now, thanks for your help!
    25 July, 2019
     testmynet Damon from TestMy.net:
Thank you for catching my unescaped variable!

Shows the first 10 recommendations. See all.

Please login via Twitter to add a recommendation

Honor Badges


Number of Secured Websites

10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN
1000+ Websites

Advanced Security Research

WAF Bypasser
CSRF Master
30+ Reports
AppSec Logic Master
30+ Reports
Fastest Fix
Fix in 24 hours

Outstanding Achievements

Secured OBB
OBB Advocate
Improved OBB

Commitment to Remediate and Patch

Patch Master
55% Patched
Patch Guru
65% Patched
Patch Lord
75% Patched

Recommendations and Recognition

REPUTABLE
10+ Recommends
FAMOUS
25+ Recommends
GLOBALLY TRUSTED
50+ Recommends

Distinguished Blog Author

1 Post
3 Posts
5+ Posts

Research Statistics



Total reports:2787
Total reports on VIP sites:705
Total patched vulnerabilities:1738
Total vulnerabilities on Hold (Open Bug Bounty):249
Recommendations received:59
Active since:05.05.2016
Top VIP Security Researcher Awards: Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week



No posts in blog yet


Reported Vulnerabilities

All Submissions VIP Submissions

Domain Reported Status Type
22.10.2019
On Hold
Cross Site Scripting
22.10.2019
On Hold
Cross Site Scripting
21.10.2019
On Hold
Cross Site Scripting
18.10.2019
On Hold
Cross Site Scripting
18.10.2019
On Hold
Cross Site Scripting
18.10.2019
On Hold
Cross Site Scripting
18.10.2019
On Hold
Cross Site Scripting
18.10.2019
On Hold
Cross Site Scripting
18.10.2019
On Hold
Cross Site Scripting
18.10.2019
On Hold
Cross Site Scripting
18.10.2019
On Hold
Cross Site Scripting
18.10.2019
On Hold
Cross Site Scripting
17.10.2019
On Hold
Cross Site Scripting
17.10.2019
On Hold
Cross Site Scripting
17.10.2019
On Hold
Cross Site Scripting
16.10.2019
On Hold
Improper Access Control 
16.10.2019
On Hold
Improper Access Control 
15.10.2019
On Hold
Improper Access Control 
15.10.2019
On Hold
Open Redirect
14.10.2019
On Hold
Improper Access Control 

  Latest Patched

 23.10.2019 bricklink.com
 23.10.2019 gramha.net
 23.10.2019 deskgram.net
 22.10.2019 jpnn.com
 22.10.2019 iphoneitalia.com
 22.10.2019 biggo.com.tw
 22.10.2019 you2repeat.com
 21.10.2019 bfmtv.com
 21.10.2019 carbon38.com
 21.10.2019 register.it

  Latest Blog Posts

17.10.2019 by 0xrocky
Stored XSS
17.10.2019 by geeknik
The "S" in IOT is for Security
16.10.2019 by darknetguy
Best XSS Vectors
01.10.2019 by Renzi25031469
#Security 100%
18.09.2019 by Leon
SSRF | Reading Local Files from DownNotifier server

  Recent Recommendations

    23 October, 2019
     astroseekcom:
Thank you for informing me about xss vulnerability.
    23 October, 2019
     rendkul:
thanks for informing us about xss vulnerability.
    23 October, 2019
     raviakp1004:
Thanks for letting us know about this XSS vulnerability. We appreciate the quick feedback.
    23 October, 2019
     Mrrain_1996:
Thank you a lot for the information and the support on fixing the issue! Very friendly and kind contact.
    23 October, 2019
     faizan_mark:
Thank you a lot for the information and the support on fixing the issue! Very friendly and kind contact.