mert tasci
Hello, my name is Mert.
My background is in software. I spent years building things before I realized I enjoyed breaking them more, and I've been working in security full-time since 2015.
These days I hunt full-time on bugcrowd, hackerone and synack. Hacking still motivates me, quietly, every day.
Off the clock I'm endlessly curious: evolution, biology, space, music, anything that tries to explain why things turn out the way they do.
"We are a way for the cosmos to know itself."
Carl Sagan · Cosmos
Ink on the Calendar
spot the vacations.
the 2026 row runs through the 31 may snapshot.
Counting Up
line goes up.
plot begins april 2016; the first reports (2014-15) are in the running total.
The Severity Ledger
mostly medium, occasionally catastrophic.
405 unrated submissions excluded · ratings include duplicates.
Mentions
MVP Researcher of the Quarter 2019 Q4 · Top P1 Researcher 2019 Q4 · Bounty Slayer 2019 Q4 · Top P1 Researcher 2019 Q3 · Bounty Slayer 2019 Q3 · Bounty Slayer 2019 Q1 · Fourth Annual Buggy Awards, Finalist 2019 · Web Hacking 101: features my Twitter vulnerability 2018 · 3rd on Bugcrowd's monthly leaderboard 2018 Oct · 1st on Bugcrowd's monthly leaderboard 2018 Jul · MVP Researcher of the Year 2018 · Guest essay: finding IDOR for large bounty rewards 2018 · Interview on cyber-security, Red Bull (TR) 2017 · MVP Researcher of the Year 2016 · "Honored Bug Hunter", Top Kudos Points at the 2nd Annual Buggy Awards 2016 · 2nd on Bugcrowd's monthly leaderboard 2016 Nov · 1st on Bugcrowd's monthly leaderboard 2016 Jul · 2nd on Bugcrowd's monthly leaderboard 2016 Jun · 1st on Bugcrowd's monthly leaderboard 2016 May