10 Famous Bug Bounty Hunters of All Time

We don’t like people who point out our mistakes. You must have heard from your elders that pointing out someone else’s mistakes is a very bad habit. In fact, most of us love to do that; our mind is like a radar that keeps checking for mistakes made by anyone within range. But again, pointing out mistakes is a bad habit. Do you think it will ever help you in life? No? This article may change your mind.

Who are bug bounty hunters?

You must be familiar with bounty hunters. These are people who get rewards for capturing fugitives or people involved in other illegal activities. The concept of bug bounty hunters originated from this name. In the IT industry, people who can find bugs or errors are bug bounty hunters.

Their work and its result

Basically, they find bugs in software or services, point out the faults, and suggest how these can be fixed. Good bug bounty hunters are always in demand and are also paid well. The result of bug bounty hunters' hard work is that the company gets rid of vulnerabilities and bugs. It then launches a new version of the same software or service, which is known as an update.

So let us take a look at the top 10 well-known bug bounty hunters who have been rocking the charts in the IT sector.

Rafay Baloch

Rafay Baloch is from Pakistan and is an independent security researcher. Rafay found a remote code execution vulnerability in PayPal. PayPal offered him $10,000 and a job. He also discovered the Android Stock Browser Address Bar Spoofing issue, which worked on Lollipop as well as previous Android versions.

Roy Castillo

Roy Castillo participated in a bug bounty hunting program. He is the first Filipino to participate in it. His achievements include reporting stored XSS in Gmail for iOS. He also found a bug in Facebook that exposed the primary email addresses of its users.

Jason Haddix

Jason has scored really well as a bug bounty hunter. Jason became a bug bounty hunter at Bugcrowd and then its Director of Technical Operations. Not only this, but Jason is also a notable mobile and web hacker.

Frans Rosen

Frans is a superstar in reporting bugs. He stands second in HackerOne's list of bug bounty hunters. He has worked as a security researcher and has reported many bugs. One of the famous bugs he reported is a Flash-based XSS vulnerability.

Stephane Chazelas

Stephane is very active in the Free Software/Open Source and UNIX communities. Stephane discovered the GNU Bourne-Again Shell (Bash) Shellshock vulnerability. Stephane found Shellshock in HackerOne, which also earned him a good reward.

Bitquark

Bitquark is very active and keeps updating his blog, bitquark.co.uk. Bitquark is very talented in this field and has also topped the list of bug bounty hunters. Bitquark has also received many rewards from ‘Google Sites’ and many other companies in this sector.

Neal Poole

Neal Poole's bug-hunting techniques have always been effective and have produced amazing results. Neal works as a security engineer at Facebook. Neal also works in the Product Security Team. Facebook hired Neal for his bug hunting talent.

A Bailey

He is one of the famous bug bounty hunters, and his talent was also recognized by top news channels such as CNN and BBC. Lab Mouse Security was his start-up. He reported memory corruption in the LZ4 software, which earned him $6000 from HackerOne.

JungHoon Lee

Our hero from Korea is an exploit developer. He stood apart and gained recognition at the CanSecWest security conference in 2015. He received $225,000 at Pwn2Own, where he exploited browsers like Internet Explorer, Chrome and Firefox.

Mazin Ahmed

Mazin found vulnerabilities in Facebook Messenger. He is very active on his personal blog. He got recognition for his research on W3 Total Cache’s vulnerability.

End Note

So these are some of the famous bug bounty hunters on our list. I have included famous bug bounty hunters only; there are security researchers too who have performed really well in bug bounty hunting programs.