Senior Student of Computer Science | 21 y/o Web Application Pentester My HackerOne Profile: https://hackerone.com/amir_shah
sleeping and learning..
Jan 3 · 4 min read · Hey, yolo guys! Long time no chat! As we already know, bug bounty is a scam (just kidding 🙂). I recently started doing penetration testing for startups in my country. In this case, it was an online marketplace, where I discovered eight security vuln...
Join discussion
Nov 2, 2025 · 4 min read · Hey Geeks, It was a cool bug, so let’s skip the formalities and dive straight in. So, the target was a social media application, pretty standard stuff. Users could upload profile pictures, cover photos, and post images. For obvious confidentiality re...
HHussain commented
Aug 25, 2025 · 3 min read · Hello Friends It’s been two months since I took a break from bug bounty hunting. During that time, I graduated from university 🎓, recharged, and now I’m officially back in the game. And guess what? Within just a few days of returning, I landed a cri...
DHDipesh and 1 more commented
Aug 19, 2025 · 6 min read · Intro, Yo, I hope you’re all doing well!I decided to write a new article once again. The journey of finding these vulnerabilities started when I came across a post about MizbanApp on LinkedIn — an application where you can discover restaurants, cafés...
HMNMohammed and 2 more commented
Jun 20, 2025 · 6 min read · Hello world! Wait... I probably shouldn’t say that — this isn’t my first blog post. Never mind.How are you doing, mates? How’s life going? Let’s get started. In this article, I want to talk about the CSRF vulnerability, and based on my own findings, ...
Jjafar commented