Bug Bounty Hunter and Freelancer
HackerOne, Upwork
May 2023 - Current (3 years 3 months)
● Discovered and responsibly disclosed vulnerabilities across web, API, and mobile applications, including critical issues such as IDORs, XSS, SSRF, and access control flaws, helping companies strengthen their security postures. Additionally, my knowledge of GCP and AWS allowed me to assess cloud-based applications effectively, ensuring comprehensive security evaluations.
● Conducted end-to-end penetration testing engagements on web applications for UpWork clients, including black-box and authenticated testing, aligning with OWASP Top 10 and NIST standards. My familiarity with ISO/IEC 27001 and GDPR standards further enhanced my ability to ensure compliance during testing processes.
● Delivered professional pentest reports with detailed