Paolo Arnolfo is a seasoned security researcher and bug bounty hunter with seven years of hands-on experience hunting vulnerabilities across major platforms and programs. Based in Portugal, he is an active member of Bugcrowd, HackerOne, and the Synack Red Team, earning repeated MVP recognition and a Top 50 all-time ranking on Bugcrowd. A computer science student from Università degli Studi di Torino, Paolo pairs academic grounding with practical tooling work—contributing backend fixes and scope-gathering improvements to the widely used bbscope project that supports HackerOne, Bugcrowd, Intigriti and others. He focuses on reliable parsing and scope-retrieval, often refactoring integrations to make program data more accurate for researchers. Known for consistent, program-level impact, he blends offensive security skill with developer discipline to improve both tooling and real-world program outcomes.
7 years of coding experience
Laurea Triennale, Informatics, Laurea Triennale, Informatics at Università degli Studi di Torino
Scope gathering tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!
Role in this project:
Back-end Developer
Contributions:30 commits, 12 PRs, 117 pushes in 1 year 5 months
Contributions summary:Paolo primarily focused on enhancing the `bugcrowd` package of the project by addressing parsing issues and improving the overall functionality. Their contributions included fixing bugs related to the UI of Bugcrowd and refactoring code, as well as improvements to the way scope information is retrieved. Additionally, the user made changes to the `hackerone` and `intigriti` packages, adding functionality and fixing issues.
Contributions:1 review, 14 commits, 4 PRs in 2 years 1 month
golangscanneriisbugbountysecurity
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.