Evan Ricafort

Poblacion, Ipil
Zamboanga Sibugay
7001, Philippines
Work Email: [email protected]
Résumé: Click Here!


I'm Evan Ricafort, a security consultant/bug hunter from the Philippines who is interested in web application security testing. I was born and raised in the little town of Ipil, Zamboanga Sibugay. studied computer networking at Ateneo de Zamboanga University. I am currently working remotely as an Offensive Security Engineer (Security Consultant) for a Chicago, Illinois-based cybersecurity firm. I've been an active member of the bug bounty community since early 2013, disclosing many types of security vulnerabilities on famous websites such as Microsoft, Google, Twitter, and others. In my spare time, I enjoy biking, playing video games, and other outdoor activities. If you wish to include me in your bug bounty program, please contact me through email or direct message on Twitter (@evanricafort). I'll do my best to provide you with excellent research.


Technical Skills

Work Experience

Badge & Certificate

News & Press



• 123 Contact Form — http://www.123contactform.com/security-acknowledgements.htm
• 4chan — https://hackerone.com/4chan/thanks
• ActiveCampaign — http://www.activecampaign.com/security/
• Adobe — http://helpx.adobe.com/security/acknowledgements.html (2014)
• Advance Custom Fields (WP Plugin) — https://www.advancedcustomfields.com/contact/
• Aha IO — http://aha.io/legal/security
• Aimlab — https://aimlab.gg/bug-bounty
• Airbnb — https://www.airbnb.com/help/policies/responsible_disclosure#responsible_disclosure_policy
• AndroidFreeApps — http://www.androidfreeapp.net/security-researcher-acknowledgments/ (May 2014)
• Appcelerator — https://www.appcelerator.com/privacy/responsible-disclosure-of-security-vulnerabilities/
• Apple — http://support.apple.com/kb/HT1318 (2014, 2021 & 2022)
• Apptentive — https://www.apptentive.com/contact/
• Appointlet — https://www.appointlet.com/
• Artsy — https://artsy.net/security
• AT&T — https://hackerone.com/att/thanks
• Atlassian — https://bugcrowd.com/atlassian/hall-of-fame
• Attack Secure — http://attack-secure.com/whitehat/
• Audiomack — http://www.audiomack.com/about
• Automattic — https://hackerone.com/automattic/thanks
• AVG Technologies — https://support.avg.com/support_contact_form?l=en_US
• AwardWallet — https://app.cobalt.io/awardwallet/awardwallet/hall-of-fame/all
Read More

Write Ups

To read my write ups, just click here!

Free counters!