Coordinated and Responsible Vulnerability Disclosure Free Bug Bounty Program 438,902 coordinated disclosures
235,537 fixed vulnerabilities
589 bug bounties with 1186 websites
11,912 researchers, 950 honor badges

k0t Top Security Researcher of the Month | Security Researcher Profile


Security researcher k0t has already helped fix 1662 vulnerabilities.



Researcher reputation:  1120

About me:
Penetration tester & webdev.

How to contact me:
[email protected]

Experience in Application Security
over 5 years

Award / Bug Bounty I prefer:
Bug Bounty Payment, Gift Card, T-Shirts.

Recommendations and Acknowledgements | Full List:

    17 September, 2019
     pacotix Fran from Inxenio:
Thanks a lot for your finding!
    12 September, 2019
     phdev6 ph-dev from Peter Hahn:
k0t found a XSS Bug on our site, thanks for the research and the responsible disclosure!
    11 September, 2019
     westcacom Edwin from westca.com:
Thanks a lot for reporting a vulnerability on our website, you did an amazing work!
    7 September, 2019
     dusalnet blogmn.net from blogmn.net:
Thank you for identifying the XSS issue on my site! You have been very helpful!
    3 September, 2019
     runlevelone Per :
Thanks for your findings and swift response!
    31 August, 2019
     primehalo Ken from absoluteanime:
Thank you for the help!
    22 August, 2019
     SelectLine_GmbH Web-Team from SelectLine Software GmbH:
Thanks for pointing out a vulnerability on one of our websites. And for the professional support.
    14 August, 2019
     convertunits John from Convert Units:
Great job finding a vulnerability. I have fixed the issue now, thanks for your help!
    25 July, 2019
     testmynet Damon from TestMy.net:
Thank you for catching my unescaped variable!
    19 July, 2019
     nitrc_info NITRC Team from NITRC:
Thank you for the report with proof of concept!
    19 July, 2019
     AndyTrier Andreas from KV Trier-Saarburg:
He found the next bug on our Website! THANK YOU
Professional help, great work!
    11 July, 2019
     AndyTrier Andreas from KV Trier-Saarburg:
Dear k0t, Thank You. You make a very good job. With your indications we can fixed the bug in few minutes. Thank you!
    8 July, 2019
     AndyTrier Andreas from KV Trier-Saarburg:
Thank you for reporting XSS vulnerability. Great work!
    28 June, 2019
     hearthstonehu Bence from Hearthstone Hungary:
Thank you for reporting the XSS vulnerability on my website. You helped me find the issue, and now the website is safer, thanks to you!
    27 June, 2019
     RMV1983 Michael from eduvdom:
Thanks for the report of the security research. This helped to find and fix the problem.
    22 June, 2019
     PaulAtTheHug TallPaul from WalkLakes:
Not only found some XSS vulnerabilities but, by doing so, lead us to spot some others which hadn't yet been picked by anyone. So most helpful.
    17 June, 2019
     opensolr Ciprian Dimofte from Opensolr SRL:
Thank you very much for your time, and professional help on this crucial security matter.
This could have been catastrophic for our business, would it not have been for your great work !
    6 June, 2019
     aapit David Spreekmeester from Grrr:
Thanks to k0t's sharp observations, we were made aware of a security issue and could patch it before it caused any troubles.
    3 June, 2019
     wirismath Marketing & Communications from WIRIS MATH:
Thanks to k0t indications, we were able to fix a vulnerability in one of our websites quickly. Now this website is much safer for everyone
    30 May, 2019
     MalagaCarCom Ruben from MalagaCar.com:
Hi k0t, we've followed your indications and have fixed the vulnerability in a few minutes. Thank you very much!
    28 May, 2019
     ziduniwien Computer Center from University of Vienna:
Dear k0t,

The University of Vienna would like to thank you for your valuable contribution in finding multiple website security issues. Your input is highly welcome and helps to raise the security level of our educational institution.

Servus and greetings from Vienna, Austria.
    17 May, 2019
     derbarkeeper mixable from mixable:
Thank you for reporting XSS vulnerability. Great work!
    17 May, 2019
     derbarkeeper mixable from mixable:
Thanks k0t for reporting XSS vulnerability on our website!
    16 May, 2019
     biblegateway Bible Gateway from Bible Gateway:
This person's report was accurate and allowed us to implement a fix quickly. Thank you!
    13 May, 2019
     everlats Guillaume from Everlats:
Thanks k0t for your help! Great work!
    7 May, 2019
     source_dr source_dr :
and thanks a trillion for the 3rd XSS vulnerability found !
    2 May, 2019
     pavelmusil Pavel Musil from Musil:
Thank you for reporting XSS vulnerability
    25 April, 2019
     source_dr source_dr :
Thank you for reporting XSS vulnerability :-)
    21 April, 2019
     AniDBStatus AniDB from AniDB:
Thank you for reporting this bug. We appreciate your work!
    18 April, 2019
     myparadisio Yves from Paradisio:
Thanks k0t, for pointed out two XSS vulnerabilities on our website!
Your input was very much appreciated!
    2 April, 2019
     RESTPOSTENde Christoph from GKS Handelssysteme GmbH:
Thanks k0t for disclosing another issue to us - With your support, we could patch it immediately.
    2 April, 2019
     evergreen_uk Andrew Cope from Evergreen:
Thanks k0t, much appreciated
    29 March, 2019
     RESTPOSTENde Christoph from GKS Handelssysteme GmbH:
Thanks k0t for pointing the finger to a vulnerability on our website. Through his support we were able to patch it in almost no time. It's guys like him that make the internet a better and safer place!
    28 March, 2019
     evergreen_uk Andrew from Evergreen:
Thanks k0t, you're a star!
    27 March, 2019
     Shadertoy Note from Beautypi:
Thanks k0t for your research, it helped us make the website better. We appreciate your work!
    26 March, 2019
     ClementBourgoin Clément Bourgoin from Biblys:
Thanks for warning me about a forgotten phpinfo file!
    19 March, 2019
     interactmultim1 Christian from interact!multimedia:
Thank you k0t for reporting this bug. We appreciate your work!
    1 March, 2019
     uniteddomains united-domains from united-domains:
Thank you k0t for reporting this bug. We appreciate your work!
    14 February, 2019
     DomainMOD Greg Chetcuti from DomainMOD:
Thanks a lot for the report! We completely missed this vulnerability ourselves and are happy that you caught it!
    14 February, 2019
     fisher_of_men11 Andy from Mudconnect.com:
Thank you for helping me find and fix the XSS vulnerability on mudconnect!
    12 February, 2019
     dsmithgard Dan Smith from Patton Electronics:
Very helpful and responsive in helping me get my issue fixed.
    7 February, 2019
     rtvde rtvde from rtv media Group GmbH:
Thanks a lot for pointing us to that XSS-flaw. It should now be fixed.
    24 January, 2019
     astroseekcom Petr9 from Astro-Seek.com:
Thank you k0t for XSS vulnerability report. It has been fixed.
    18 January, 2019
     laufpix laufpix from laufpix.de:
Thanks for reporting a vunlerability on our website. He provided all the information needed and responded extremely fast. Our website is more secure now.
    11 January, 2019
     webdekd Note from Dek-D:
Thank you k0t for information that helped me fix vulnerabilities on my website.
    9 January, 2019
     Mikroelektron11 Aleksa from MikroElektronika:
I wanted to thank you for reporting XSS flaw on our website, for helping us to make our site secure.
    7 January, 2019
     _light_dem Matteo from Mys:
Fast and professional on replay he helped us found a vulnerability Xss
    12 December, 2018
     teachercorner Chad from TeachersCorner:
Thank you kOt for notifying us of this bug, and tips on how to fix it. We appreciate your research!
    24 October, 2018
     wirthundhorn Support from dtv.de:
Thank you k0t for the quick response that helped us fixing vulnerabilities on the page!
    24 July, 2018
     kathleenyano Kathleen :
Thank you k0t for finding an issue and providing a clear explanation of it. We are happy we were able to resolve it before it affected anyone and we couldn't have done it without your report.
    8 May, 2018
     JayGilmore Jay Gilmore from MODX Systems, LLC:
k0t is a true professional. They provided all the information needed and responded extremely fast. What more could you ask for? Our site is more secure as a result.
    23 March, 2018
     khusroks S Khan from Projectmanagement:
Thank you k0t for being helpful and professional in helping us patch vulnerabilities.
    6 December, 2017
     tfencl toddf :
k0t found a vulnerability and quickly responded providing additional information and PoC examples. Thank you very much for the quick response and for making the Internet a little safer by bringing this to us.
    26 July, 2017
     kovyrin Oleksiy Kovyrin from Swiftype Inc:
k0t has identified an XSS vulnerability on our website, provided us with all the necessary details to reproduce the problem and was really helpful in testing the site after we have applied our fixes. Thank you!
    29 December, 2016
     evergreen_uk Chris from Evergreen Computing Ltd:
k0t located 2 vulnerabilities on our company site. When contacted k0t responded quickly with all the information needed to fix them and was quick to retest once they had been fixed. Thanks k0t!
    29 November, 2016
     ActOnSoftware Jahvita Rastafari from Act-On Software:
With the assistance of k0t, we were able to identify and correct the issue quickly. Thank you for working with us to make the web a safer place for all.
    23 November, 2016
     MagnusJacobi Magnus from Jigidi.com:
k0t located several vulnerabilities on our site and replied very fast with useful information.

Thanks for taking the time to help us.
    26 October, 2016
     Mr_Papercut Mischa from Symbaloo:
Thank you k0t for the quick reply to our emails. The provided information was complete and helped us identify the issue right away. Let's keep on making the web a safer place

Please login via Twitter to add a recommendation

Honor Badges


Number of Secured Websites

10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN
1000+ Websites

Advanced Security Research

WAF Bypasser
CSRF Master
30+ Reports
AppSec Logic Master
30+ Reports
Fastest Fix
Fix in 24 hours

Outstanding Achievements

Secured OBB
OBB Advocate
Improved OBB

Commitment to Remediate and Patch

Patch Master
55% Patched
Patch Guru
65% Patched
Patch Lord
75% Patched

Recommendations and Recognition

REPUTABLE
10+ Recommends
FAMOUS
25+ Recommends
GLOBALLY TRUSTED
50+ Recommends

Distinguished Blog Author

1 Post
3 Posts
5+ Posts

Research Statistics



Total reports:2695
Total reports on VIP sites:668
Total patched vulnerabilities:1662
Total vulnerabilities on Hold (Open Bug Bounty):278
Recommendations received:58
Active since:05.05.2016
Top VIP Security Researcher Awards: Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week



No posts in blog yet


Reported Vulnerabilities

All Submissions VIP Submissions

Domain Reported Status Type
23.09.2019
On Hold
Improper Access Control 
23.09.2019
On Hold
Cross Site Scripting
23.09.2019
On Hold
Cross Site Scripting
22.09.2019
On Hold
Improper Access Control 
22.09.2019
On Hold
Improper Access Control 
20.09.2019
On Hold
Cross Site Scripting
20.09.2019
On Hold
Cross Site Scripting
20.09.2019
On Hold
Cross Site Scripting
20.09.2019
On Hold
Cross Site Scripting
20.09.2019
On Hold
Cross Site Scripting
18.09.2019
On Hold
Improper Access Control 
18.09.2019
On Hold
Cross Site Scripting
18.09.2019
On Hold
Cross Site Scripting
17.09.2019
On Hold
Cross Site Scripting
17.09.2019
On Hold
Improper Access Control 
16.09.2019
On Hold
Cross Site Scripting
16.09.2019
On Hold
Cross Site Scripting
16.09.2019
On Hold
Cross Site Scripting
16.09.2019
On Hold
Cross Site Scripting
15.09.2019
On Hold
Improper Access Control 

  Latest Patched

 23.09.2019 forebet.com
 23.09.2019 schnittberichte.com
 23.09.2019 vogue.es
 22.09.2019 sonovente.com
 22.09.2019 xe.gr
 22.09.2019 paisdelosjuegos.com.ar
 21.09.2019 thermofisher.com
 21.09.2019 ewg.org
 21.09.2019 uvm.edu
 21.09.2019 123test.com

  Latest Blog Posts

18.09.2019 by Leon
SSRF | Reading Local Files from DownNotifier server
13.09.2019 by drok3r
Collection of information | Google Hacking and Dorks basic
09.09.2019 by DakkarKey
New and Powerful XSS scan tool - XSpear
05.09.2019 by MiguelSantareno
Wordpress basic auditing
05.09.2019 by MiguelSantareno
Payloads for all type off web attacks

  Recent Recommendations

    20 September, 2019
     pacotix:
Thanks for your finding! You have helped make our site more secure. Thanks for your great collaboration :)
    20 September, 2019
     ChipZ_de:
Gh05tPT has found an XSS vulnerability on one of our pages.

He is very helpful and responded very quickly. I really appreciate it. Thank you very much.
    20 September, 2019
     UUCSIRT:
Thank you for your vulnerability report!
/Hans Liss, Uppsala university
    20 September, 2019
     ashleyhindle:
Thank you so much for highlighting the vulnerability, it really helped!
    19 September, 2019
     YstreamTV:
Thanks for reporting the bug, can you recheck this, hope that is fixed.