Security Researcher Bug Bounty Hunter

Muhammad
Zeeshan

Web Application Security · Responsible Disclosure · Bug Bounty

Specialised in uncovering high-severity vulnerabilities across global platforms from government agencies to enterprise technology. Turning security gaps into trust.

Hall of Fame Get In Touch →
Profile

Who I Am

I am Muhammad Zeeshan, a security researcher and bug bounty hunter with a sharp focus on web application vulnerabilities and responsible disclosure. My goal is to identify critical security weaknesses before they can be exploited.

My work has earned Hall of Fame recognition from NASA, the US Department of Commerce, Air Canada, Xsolla Inc, and TNS — reflecting a consistent ability to find real, high-impact issues across diverse environments worldwide.

Every engagement is approached with precision and professionalism. From deep recon to a clean final report, I am committed to making the systems I test genuinely more secure.

const researcher = {
  focus:    "web_application_security",
  approach: "responsible_disclosure",
  impact:   "high_severity_findings"
}
Web App Pentesting XSS & Injections Auth Bypass SSRF & XXE API Security IDOR & BAC Recon & OSINT Business Logic CSRF & CORS Subdomain Enum
Arsenal

Technical Skills

Vulnerability Classes
13 attack vectors
SQLi XSS SSRF SSTI XXE RCE IDOR CSRF Open Redirect Host Header Injection CRLF Injection Auth Bypass Business Logic
Tools & Platforms
12 security tools
Burp Suite Nuclei Kali Linux ffuf httpx Subfinder Amass Waybackurls Shodan Nmap Metasploit SQLmap
Recon & OSINT
8 reconnaissance techniques
Subdomain Enumeration JS Analysis Google Dorking API Discovery Tech Fingerprinting Endpoint Mapping DNS Recon GitHub Recon
Languages & Dev
8 languages & stacks
Python Bash JavaScript PHP Node.js HTML & CSS SQL Regex
Recognition

Hall of Fame

Recognized by leading organisations across government, aviation, fintech, and enterprise technology for responsible disclosure of verified security vulnerabilities.

NASA logo
NASA
Hall of Fame
US Department of Commerce seal
US Dept. of Commerce
Hall of Fame
Air Canada logo
Air Canada
Hall of Fame
Xsolla Inc logo
Xsolla Inc
Bounty Awarded
Transaction Network Services logo
Transaction Network
Services
Hall of Fame
Lexzur logo
Lexzur
Bounty Awarded
Outfox Stories logo
Outfox Stories
Bounty Awarded
Process

How I Hunt

Recon & Enumeration
Deep target reconnaissance — subdomain discovery, endpoint mapping, JavaScript analysis, and technology fingerprinting to map the complete attack surface.
Vulnerability Analysis
Systematic testing against OWASP Top 10 and beyond — authentication flaws, injection points, broken access controls, and complex business logic vulnerabilities.
Exploitation & PoC
Crafting clean, reproducible proof-of-concept exploits that demonstrate real-world impact and communicate severity clearly and accurately to security teams.
Responsible Disclosure
Structured reports with CVSS ratings, exact reproduction steps, impact assessment, and clear actionable remediation recommendations for every finding.
Remediation Support
Working alongside security teams through the fix cycle — verifying patches, clarifying findings, and ensuring vulnerabilities are fully and correctly resolved.
Continuous Research
Staying ahead through ongoing CVE analysis, CTF competitions, and deep engagement with the global vulnerability research and bug bounty community.
Connect

Get In Touch

Have a private program invitation, security consultation inquiry, or want to discuss a collaboration? I respond to all legitimate inquiries within 24–48 hours.

Direct Email
security@zeeshan.id

Send a Message