ORI LEVI
Penetration Tester
Summary
Cybersecurity Researcher and Bug Bounty Specialist with extensive experience in vulnerability discovery and responsible disclosure. Recognized on HackerOne for impactful findings, securing over 100 organizations through VDPs and BBPs. Proven expertise in web and mobile application testing, API security, OSINT, and exploit development. Technical proficiency includes HTML, CSS, JavaScript, PHP, and Python. Collaborated with high-profile companies such as Rockstar Games, Spotify, Ferrari, ESET, European Union and Starbucks. Dedicated to advancing global cybersecurity through precise analysis, ethical hacking, and continuous improvement.
Overview
3
3
years of professional experience
3
3
Certifications
Work History
Bug Hunter
HackerOne
10.2022 - Current
- Ranked #33 on Rockstar Games’ HackerOne leaderboard, highlighting advanced vulnerability research skills and consistent high-impact findings.
- Identified and responsibly disclosed vulnerabilities affecting global organizations such as UPS, Rockstar Games, Spotify, and others, actively contributing to platform resilience and user safety.
- Specialized in penetration testing, OSINT, and deep vulnerability research, operating across both public and private bounty programs.
- Demonstrated expertise in web application security, misconfigurations, logic flaws, and API vulnerabilities, with a strong focus on real-world exploit scenarios and ethical disclosure.
Penetration Tester
Cybrella
06.2023 - 09.2024
- Led end-to-end penetration testing efforts across web applications, mobile platforms (Android & iOS), and wireless networks, uncovering critical security vulnerabilities and helping teams implement effective mitigations.
- Designed and developed custom security tools to enhance the efficiency and depth of testing methodologies, significantly improving assessment workflows.
- Conducted infrastructure penetration tests targeting network devices, services, and configurations, delivering detailed risk assessments and strategic, actionable remediation plans to strengthen overall system security.
Education
CySource
04.2001 -
Skills
Web & Mobile Application Penetration Testing
Source Code Review (Static & Dynamic Analysis)
Vulnerability Research & Exploit Development
Scripting (Python, Bash, JavaScript)
API Security Testing & Fuzzing
Social Engineering & Phishing Simulations
Tools: Burp Suite, OWASP ZAP, Nmap, Wireshark, MobSF, SQLMap, Metasploit
Certification
PCEP
Timeline
Penetration Tester
Cybrella
06.2023 - 09.2024
Burp Suite Certified Practitioner
12-2022
Bug Hunter
HackerOne
10.2022 - Current
LPI Linux Essentials
12-2021
PCEP
07-2020
CySource
04.2001 -
Similar Profiles
Khalim CisséKhalim Cissé
Product Security Analyst at HackerOneProduct Security Analyst at HackerOne
Alyona VysotskaAlyona Vysotska
Senior Product Manager at HackerOneSenior Product Manager at HackerOne
Khalim CisseKhalim Cisse
Product Security Analyst at HackerOneProduct Security Analyst at HackerOne
AHMED ANWAR ELSHNAWYAHMED ANWAR ELSHNAWY
Bug Hunter at HackerOneBug Hunter at HackerOne
Phyo WaThone WinPhyo WaThone Win
Freelance Bug Bounty Hunter and Pentester at NAFreelance Bug Bounty Hunter and Pentester at NA