About
Offensive Security–focused Security Researcher with hands-on experience in web application and API penetration testing. Reported 12+ validated vulnerabilities across multiple bug bounty programs, specializing in authentication & access control testing, IDOR, and business logic flaws. Hall of Fame recognized on Bugcrowd and Intigriti; ranked Top 1000 globally on Hack The Box. Seeking a Junior Penetration Tester role to strengthen enterprise security through practical exploitation expertise.
Skills & Expertise (28)
Work Experience
Security Researcher
Independent Security Researcher (Bug Bounty Hunter)
Jan 2023 - Present
Reported 12+ validated vulnerabilities across 6+ SaaS, fintech, and cloud platforms. Identified authentication & session management flaws including post-logout user data exposure. Discovered production GraphQL misconfiguration exposing internal stack traces. Performed API security testing on OAuth, JWT, and token-based authentication systems. Tested account deletion/recreation flows for access control and token reuse weaknesses. Conducted structured testing on 25+ web applications using systematic vulnerability assessment methodology. Delivered detailed technical reports with PoC, business impact analysis, and remediation guidance.
Education
Bachelor of Computer Applications (BCA) - Poornima University
- 2021 · Afghanistan
Availability Details
Visa Status
Need Sponsorship
Relocation
Open to Relocation