“If you spend more on coffee than on IT security, you will be hacked.” –Richard Clarke

Bug Bounties

Got listed in StackExchange Hall Of Fame

• Identified Security Vulnerability in StackOverflow

Got Listed in Deepnote Hall Of Fame for finding

• Identified Security Vulnerability in deepnote.com

HALL OF FAME 1Shoppingcart.com

• Identified Stored XSS in 1Shoppingcart.com

Vulnerability Disclosure in Twitter Open Source

• Read more here

Got awarded with 1925$ for disclosing Multiple Vulnerablity in a Private Program.

• XSS
• User De-Anonymization Leak of Emails and Usernames
• Reflected File Download

Got awarded with 200$ for disclosing Vulnerablity in a Private Program.

• Socket Hijacking

Got awarded with 2,550$ for finding SSRF in Apache Airflow

• CVE-2023-37379
  
  
  
  

Common Vulnerabilities and Exposures (CVE)

CVE-2024-6827 | HTTP Request Smuggling in Gunicorn

• CVE-2024-6827

CVE-2023-37379 | SSRF in Apache Airflow

• CVE-2023-37379

CVE-2021-23448 | Prototype Pollution Vulnerability in CONFIGHANDLER - NodeJs package

• CVE-2021-23448

CVE-2021-23718 | SSRF Bypass in SSRFAGENT - NodeJs package

• CVE-2021-23718

CVE-2024-31617 | HTTP Request Smuggling in OpenLiteSpeed

• CVE-2024-31617
  
  
  
  

Researches