j
jobied7

Nahid Miah

@jobied7
5,0(1)
Bangladesh
Inglese, Portoghese, Bengali
Alcune informazioni sono riportate in lingua inglese.
Chi sono
I’m a certified penetration tester and bug bounty hunter with over 6 years of experience in cybersecurity. I’ve worked on web and API testing projects, discovered critical vulnerabilities like XSS, IDOR, SSRF, and 2FA bypasses in top platforms like Google, Facebook, and more. I specialize in identifying real-world security flaws and helping companies fix them before attackers can exploit them.... Continua a leggere

Competenze

j
jobied7
Nahid Miah
offline • 
Tempo di risposta medio: 1 ora

Consulta i miei servizi

QA e revisione
I will do manual penetration testing
5,0(1)
A partire da10 USD / progettoMaggiori dettagli
Collaudo di software
I will do advanced pentest on your website with report
A partire da15 USD / progettoMaggiori dettagli

Portfolio

Esperienza lavorativa

penetration testing

phpcreation.inc • Freelance

Sep 2025 - Sep 20250 mos

Experienced cybersecurity specialist with over 6+ years of hands-on experience in web application penetration testing and vulnerability research. Actively involved in responsible disclosure and bug bounty programs. Key Responsibilities & Achievements: Conducted comprehensive Web Application Penetration Testing following OWASP methodology (OWASP Top 10). Identified and responsibly disclosed multiple vulnerabilities including: SQL Injection (SQLi) Stored & Reflected XSS Server-Side Template Injection (SSTI) HTML Injection Authentication & 2FA bypass issues Session misconfiguration & IDOR Reported vulnerabilities to major platforms including Google (including 2FA bypass findings). Performed security assessments on WordPress, eCommerce (PrestaShop), and custom PHP applications. Experienced in backend API security testing (REST & GraphQL). Conducted authentication & CAS login security testing automation using Python and GitHub Actions. Skilled in source code review for vulnerability identification. Performed subdomain enumeration and DNS reconnaissance using tools like puredns. Prepared professional security reports with structured findings, impact analysis, and remediation guidance. Technical Skills: Burp Suite, Nmap, SQLMap, FFUF, Python automation, Linux, GitHub Actions, REST/GraphQL API testing, Cloud security basics (AWS).

1 Recensioni
5,0

(1)
(0)
(0)
(0)
(0)
Valutazione dettagliata
  • Livello di comunicazione del venditore
    5
  • Qualità della consegna
    5
  • Valore della consegna
    5
1-1 di 1 recensioni
Ordina per
Più rilevante
    F
    image-docs

    fozweb

    ES

    Spagna

    5

    Fantastic advanced bug bounty mentoring

    Fino a 50 USD

    $

    12 giorni

    Tempo

    gig

    QA e revisione

    Utile?
    No