About Me
I'm a passionate bug bounty hunter and web security specialist with a focus on discovering critical vulnerabilities in web applications. With over 5 years of experience in penetration testing and security research, I've helped secure numerous organizations through responsible disclosure programs and bug bounty platforms.
Bug Hunting Stats
150+
Valid Reports
25+
Critical Findings
$100k+
Total Bounties
Technical Skills
Professional Experience
Independent Bug Bounty Hunter
Participating in various bug bounty programs on HackerOne and Bugcrowd
- Top 100 hacker on Bugcrowd
- Discovered multiple critical vulnerabilities in Fortune 500 companies
- Specialized in web application security and API testing
Security Researcher
Contributing to the security community through research and tool development
Featured Writeups
OAuth 2.0 Account Takeover Critical
Discovered a critical OAuth implementation flaw that allowed complete account takeover through state parameter manipulation.
Impact: Full account access without user interaction
Bounty: $10,000
Chain of IDOR Vulnerabilities High
Found multiple IDOR vulnerabilities in the API endpoints that could be chained together to access sensitive user data.
Impact: Unauthorized access to user information
Bounty: $5,000
Stored XSS in Profile System Medium
Identified a stored XSS vulnerability in the user profile system that could be used to execute malicious JavaScript.
Impact: Session hijacking possible
Bounty: $2,500