Home / Hall of Fame

Hall of Fame

200+ organizations recognized for responsible vulnerability disclosure

Responsible disclosure is at the heart of ethical hacking. Over the past 10+ years, I've reported security vulnerabilities to more than 200 organizations across industries — from Fortune 500 tech giants to government agencies. Each recognition represents hours of research, careful documentation, and professional collaboration with security teams to help make their products and platforms safer for millions of users worldwide.

0
Organizations Recognized
0
Vulnerabilities Reported
0
CVEs Published
0
Years Active

Featured Findings

CVE

CVE-2020-24416 — Adobe InDesign

Discovered a critical reflected Cross-Site Scripting (XSS) vulnerability in Adobe InDesign's web component. A specially crafted URL could execute arbitrary JavaScript in the context of the victim's session, potentially leading to session hijacking, data theft, and account compromise. Reported through Adobe's PSIRT and patched in a subsequent security update.

CRIT

MindGeek / Pornhub — Critical Vulnerability

Identified a critical security vulnerability in MindGeek's infrastructure (parent company of Pornhub and other major web properties) and responsibly disclosed the finding.

200+

Global Recognition

Recognized on Hall of Fame pages by over 200 organizations globally, including Fortune 500 companies, government agencies (US Department of Defense), financial institutions, and leading technology companies. Each recognition reflects a responsibly disclosed vulnerability that helped improve the organization's security posture.

Recognitions by Category

Logo-style tiles are used as compact identifiers. Public proof links should be added only when the acknowledgement URL has been verified.

Technology Giants

16 orgs

Security acknowledgments from the world's largest technology companies for discovering vulnerabilities in their products and platforms.

GGoogleSearch / Cloud MSMicrosoftCloud / Apps AAdobeCVE / PSIRT INIntelPlatform APAppleProduct security SAMSamsungMobile / IoT SNSonyConsumer tech DEDellEnterprise PHPhilipsConnected devices NONokiaNetworks MIXiaomiMobile HWHuaweiNetworks LNLenovoHardware LGLGConsumer tech ASAsusHardware ACAcerHardware

Financial & Enterprise

10 orgs

Vulnerabilities reported to major financial institutions and enterprise software companies.

MCMastercardPayments PPPayPalPayments VIVisaPayments AXAmerican ExpressCards SHShopifyCommerce HSHubSpotSaaS OKOktaIdentity SFSalesforceCRM OROracleEnterprise SAPSAPERP

Telecom & Communication

6 orgs

Security research conducted on telecommunications and communication platforms.

ATAT&TTelecom NONokiaNetworks VFVodafoneCarrier TMT-MobileCarrier AIAirtelCarrier JOJioCarrier

Government & Defense

4 orgs

Responsible disclosure to government agencies and defense organizations through authorized programs.

DoDUS Department of DefenseAuthorized program AFUS Air ForceDefense ARMUS ArmyDefense INNCIIPC IndiaCritical infra

Bug Bounty Platforms

5 orgs

Active researcher on major bug bounty platforms with consistent high-impact findings.

H1HackerOneBug bounty BCBugcrowdBug bounty SYSynackPrivate testing ITIntigritiBug bounty YWHYesWeHackBug bounty

Internet & Media

10 orgs

Vulnerabilities discovered in major internet services, media companies, and web platforms.

YHYahooInternet TWTwitterSocial SCSnapchatSocial PIPinterestSocial SPSpotifyMedia DBDropboxCloud storage CFCloudflareInfrastructure NXNginxWeb server WPWordPressCMS GHGitHubDeveloper platform

Note: This page lists selected recognitions. Many additional acknowledgments are from private programs and organizations that do not publicly list researchers. The complete list of recognitions spans across multiple industries including healthcare, education, e-commerce, automotive, and more.

Want Your Organization Tested?

If you'd like to proactively find vulnerabilities before attackers do, let's discuss a penetration testing engagement.

Get in Touch