I am a cybersecurity researcher and bug bounty hunter specializing in web application and API security. I have hands-on experience identifying and responsibly disclosing vulnerabilities across web platforms, AI systems, cloud environments, and blockchain applications.
I have submitted 300+ vulnerability reports and earned multiple bug bounties through responsible disclosure programs, including my first bounty from a cryptocurrency platform. I have been recognized in the NASA Hall of Fame for my contributions to security research and received an appreciation certificate from EC-Council for reporting a security vulnerability.
My core expertise includes web application penetration testing, API security testing, vulnerability assessment (VAPT), and manual bug hunting. I specialize in identifying high-impact vulnerabilities such as authentication and authorization flaws, injection attacks, misconfigurations, sensitive data exposure, and business logic issues.
I use industry-standard tools such as Burp Suite, Nmap, ffuf, Nuclei, Amass, and Subfinder, along with custom automation scripts to perform deep and efficient security testing.
My strengths include:
Strong manual testing and critical thinking skills
Ability to identify real-world, impactful vulnerabilities
Clear and professional vulnerability reporting
Consistent learning and adapting to new technologies
Services I offer:
Web Application Penetration Testing
API Security Testing
Vulnerability Assessment & Reporting
Bug Hunting & Security Research
Basic Security Review for startups and projects
Areas of interest:
Web and API Security
AI/LLM Security (Prompt Injection, Data Leakage)
Blockchain & Smart Contract Security
Security Automation and Tool Development
I am committed to helping organizations secure their applications by delivering clear, actionable, and high-quality security assessments.