Experience
Active participation in bug bounty programs and CTF competitions, with a track record of finding critical vulnerabilities and ranking in international competitions.
Professional Timeline
A chronological overview of my journey in cybersecurity and bug bounty hunting.
No experience entries yet. Check back soon!
Impact & Achievements
A summary of my bug bounty and CTF accomplishments.
25+
Organizations Secured
100+
Vulnerabilities Found
#5
Black Hat USA CTF 2025
Vulnerability Types Found
A breakdown of the vulnerability categories I specialize in discovering.
✓Broken Access Control (BAC) - Privilege escalation & horizontal/vertical access violations
✓Insecure Direct Object References (IDOR) - User enumeration and data theft
✓Server-Side Request Forgery (SSRF) - Internal network access and cloud metadata exposure
✓Cross-Site Scripting (XSS) - Stored, reflected, and DOM-based injection attacks
✓SQL Injection - Database extraction and manipulation
✓Authentication Bypass - Weak password reset flows and session fixation
✓Business Logic Flaws - Workflow bypasses and transaction manipulation
✓API Abuse - Rate limit bypass, account enumeration, resource abuse
✓Insecure Deserialization - RCE and code execution vulnerabilities