Open Bug Bounty selected among the
Top 5 Bug Bounty programs to watch
in 2021 by The Hacker News

  • For Researchers 
    Report a Vulnerability
    Report and help remediate a vulnerability
    found on any website

         		Write a Blog Post
    Write a blog post to share your knowledge
    and get kudos
    Browse Bug Bounty Programs
    Browse active bug bounty programs
    run by website owners         		Ask a Question
    Ask questions and share your improvement
    ideas
    How it Works
    Download presentation and learn
    how our platform works

        PDF, 1MB
  • For Owners 
    Start a Bug Bounty
    Start your bug bounty program at no cost
    and leverage crowd-security testing

         		Ask a Question
    Ask questions or let us know how to make
    Open Bug Bounty even better
    API Request
    National CERTs and law enforcement
    agencies may request our API
    How it Works
    Download presentation and learn
    how our platform works

        PDF, 1MB
  • Hall of Fame 
    Top Security Researchers
    They make Web a safer place by reporting
    and helping remediate vulnerabilities

         		Acknowledgements
    Website owners share their experience of collaboration with the researchers






    How it Works
    Download presentation and learn
    how our platform works

        PDF, 1MB
  • About 
    About the Project
    Read about Open Bug Bounty history,
    values and mission

         		Latest Reports
    Browse the most recent vulnerability
    submissions
    Contact Us
    Get in touch


    How it Works
    Download presentation and learn
    how our platform works

        PDF, 1MB
  • Forum
  • Blog
  •       
For security researchers
Report a Vulnerability
Submit, help fixing, get kudos.
For website owners
Start a Bug Bounty
Run your bounty program for free.
 1,006,104 coordinated disclosures
628,908 fixed vulnerabilities
1,348 bug bounty programs, 2,698 websites
23,362 researchers, 1,318 honor badges

OpenBugBounty.org  >  Security Researchers  >  rajesh_appsec

rajesh_appsec | Security Researcher Profile


Security researcher rajesh_appsec has already helped fix 320 vulnerabilities.



Researcher reputation:  560

Real name:
Rajesh Tewari

Contact email:
[email protected]

Alternative Contacts:
8197644455

Certifications & Diplomas:
CompTIA Security
CEH

Experience in Application Security
over 5 years

Award / Bug Bounty I prefer:
Bug Bounty Payments, Paypal, Swags, T-Shirt, Hall Of Fame

Recommendations and Acknowledgements

@testmynet     2 October, 2020
    Twitter testmynet Damon from TestMy.net:
Rajesh has helped me find vulnerabilities multiple times even after knowing I don't have a bounty. Very cool. Thank you for taking the time to make our internet better.
@redicius     25 February, 2019
    Twitter redicius Pavel from vestirna.com:
Did find a XSS hole, shared it with me via openbugbounty. Did not try to blackmail me. Nice guy.
@SBugreports     25 May, 2021
    Twitter SBugreports Spark Bug Reports from Spark NZ:
Thanks to Rajesh for reporting the vulnerabilities with our site. It has been a pleasure to deal with you.
@Dawn91571907     24 May, 2021
    Twitter Dawn91571907 anonymous from undercover:
Thank you very much Rajesh for the detailed report on the vulnerability of our website, we patched the vulnerability in time
@tugozevents     17 May, 2021
    Twitter tugozevents Team Tugoz from Tugoz LLC:
Thanks a lot, Rajesh, for taking time to test our product and for the detailed reporting of the vulnerabilities. It was a great experience working with you.
@smiteworks     15 January, 2021
    Twitter smiteworks Doug D from SmiteWorks USA LLC:
Rajesh was very helpful in providing information and penetration testing on our site. With this information, we were able to harden our infrastructure.
@syysvirta     17 December, 2020
    Twitter syysvirta Joonas from Anders:
Thank you Rajesh for reporting a vulnerability, sharing detailed additional information and thus helping us to patch it quickly. Keep up the good work!
@Ryte_CERT     16 November, 2020
    Twitter Ryte_CERT Armin from Ryte:
Thank you Rajesh for reporting vulnerabilities on our website, your quick and detailed response was very valuable to us!
@SNTech2     16 November, 2020
    Twitter SNTech2 Steve from Sharenet:
Thank you for reporting the vulnerabilities on our website, we appreciate the quick and detailed responses. Keep up the good work!
@lansewudao     28 October, 2020
    Twitter lansewudao Jin Lu from Talroo:
Thank you for finding the bug, Rajesh! We fixed it.

Shows the first 10 recommendations. See all.

Please login via Twitter to add a recommendation

Honor Badges


Number of Secured Websites

10+ Secured Websites Badge
50+ Secured Websites Badge
500+ Secured Websites Badge
Web Security Veteran Badge
10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN
1000+ Websites

Advanced Security Research

WAF Bypasser Badge
CSRF Master Badge
AppSec Logic Master Badge
Fastest Fix Badge
WAF Bypasser
CSRF Master
30+ Reports
AppSec Logic Master
30+ Reports
Fastest Fix
Fix in 24 hours

Outstanding Achievements

Secured OBB Badge
OBB Advocate Badge
Improved OBB Badge
Secured OBB
OBB Advocate
Improved OBB

Commitment to Remediate and Patch

Patch Master Badge
Patch Guru Badge
Patch Lord Badge
Patch Master
55% Patched
Patch Guru
65% Patched
Patch Lord
75% Patched

Recommendations and Recognition

REPUTABLE Badge
FAMOUS Badge
GLOBALLY TRUSTED Badge
REPUTABLE
10+ Recommends
FAMOUS
25+ Recommends
GLOBALLY TRUSTED
50+ Recommends

Distinguished Blog Author

Distinguished Blog Author Badge
Distinguished Blog Author Badge
Distinguished Blog Author Badge
1 Post
3 Posts
5+ Posts

Research Statistics



Total reports:1081
Total reports on VIP sites:169
Total patched vulnerabilities:320
Total vulnerabilities on Hold (Open Bug Bounty):55
Recommendations received:32
Active since:18.02.2019

Open Bug Bounty Certificate


Researcher Certificate

Reported Vulnerabilities

All Submissions VIP SubmissionsFeatured Submissions




No posts in blog yet










  Latest Patched

 21.06.2021 govtech.com
 20.06.2021 gdrfad.gov.ae
 20.06.2021 realcommercial.com.au
 20.06.2021 allofustec.nnlm.gov
 19.06.2021 getchu.com
 19.06.2021 explorelearning.com
 19.06.2021 fibre2fashion.com
 19.06.2021 tme.eu
 18.06.2021 www1.caixa.gov.br
 18.06.2021 butantan.gov.br

  Latest Blog Posts

25.05.2021 by 0xrocky
Google XSS Game
25.05.2021 by ShivanshMalik12
Testing for XSS (Cross Site Scripting)
25.05.2021 by darklotuskdb
Easy XSS On Mostly Educational Websites Via Moodle
25.04.2021 by ParanjpeSanmarg
Testing Subdomain Takeover Vulnerability
11.04.2021 by Open Bug Bounty
Better Notifications Mechanism

  Recent Recommendations

@darione90     19 June, 2021
    Twitter darione90:
Many thanks to garlet_marco for finding an XSS vulnerability on our website!
@RyanBoehm12     16 June, 2021
    Twitter RyanBoehm12:
Vighnesh Gupta was professional, considerate, and thorough in helping us resolve a security flaw on our website. He communicated with in a timely manner, and provided all necessary support to fix the issue. I highly recommend him.
@rus_cert     16 June, 2021
    Twitter rus_cert:
Thanks for informing us about the vulnerability and providing helpful details :-)
@Cyber91998806     16 June, 2021
    Twitter Cyber91998806:
He responded to my mails quickly and helped us how to fix the vulnerability in a professional way. I recommended this guy.
@contactsplus     15 June, 2021
    Twitter contactsplus:
Tuhin reported 3 valid vulnerabilities to us of severities High, Medium and Low.

He was very professional and helped us recreate the issues until we were able to verify.
He was awarded a bounty for his efforts.

Thank you Tuhin!

Contacts+ Security Team.
Making Web a Safer Place
Coordinated & Responsible Disclosure
Based on ISO 29147 Guidelines
Terms & Privacy
2021 © OpenBugBounty
  • Follow us