Sheraz Khalid

Bug Bounty Hunter
Web App Pentester
Network Pentester

About Me

Hacker, Gamer and book reader

  • Age 24
  • Residence Pakistan
  • e-mail daimbutt70@gmail.com

What I Do

Penetration Testing

Doing web application security assessments and network security testing.

Bug Hunting

Currently i am doing bug hunting on Bugcrowd where i have 1700+ reps and on synack where i am on level 2.

Blogging

I have a blog where i write about my security findings.

CTF Player

I actively participte in capture-the-flag (CTF) challanges for learning and sharping my skills.

Progress Reports

Valid Reports

300+

Hall of Fames

50+

Experience

3+ Years

Career Objective

Looking for a challenging role in a reputable organization to utilize my technical, web and network pentesting skills for the growth of the organization as well as to enhance my knowledge about new and emerging trends in the cybersecurity sector.

Resume

Education

2014
Punjab College

Intermediate in Computer Science (ICS)

ICS programme is designed to enhance the skills of students in computer science and information technology.

2016
University of Central Punjab

ADP IT Management

The program is designed with a blend of courses from both management and information technology. Project-based courses and hands-on learning opportunities equip students to help organizations solve complex business issues with advanced technology solutions.

Experience

2019 - Current
Bugcrowd

Bug Bounty Hunter

Bugcrowd is the #1 crowdsourced security company. More Fortune 500 organizations trust Bugcrowd to manage their bug bounty, vulnerability disclosure, and next gen pen test programs. This is where i have been doing bug hunting since 2019. Currently i have 1700+ reps and i am in top 250 ath bugcrowd. Here is my bugcrwd Profile

2021
Synack

Synack Red Teamer

Synack is a private crowdsourced security platform. Which you only can join by completing their practical assessment by using your good set of skills. I am on level 4 currently here.

2020
HackTheBox

Script Kiddie Hacker

HackTheBox is an online hacking playground where you can practive and up your skill level by hacking into different types of linux and windows machine.

2020
TryHackMe

God Hacker

TryHackMe is an online platform that teaches cyber security through short, gamified real-world labs. You can learn and practice your skills here. I am currently in top 1% at tryhackme with God rank. Here is my Profile.

Pentesting Skills

Web Application Pentesting

85%

API Pentesting

65%

Network Pentesting

70%

Active Directory Pentesting

5%

Coding / Other Skills

Bash

65%

Python

45%

HTML/CSS

50%

Linux

75%

Googling

100%

Knowledges

  • Cyber Security
  • SQLMap
  • Burp Suite
  • Metasploit
  • Linux
  • Wireshark
  • Communication
  • Bugs Chaining

Portfolio

SoundCloud Audio

SoundCloud Audio

SoundCloud
Media Project 2

Detailed Project 2

Detailed
Vimeo Video 1

Vimeo Video 1

Vimeo Videos
Media Project 1

Detailed Project 1

Detailed
Mockup Design 1

Mockup Design 1

Mockups
YouTube Video 1

YouTube Video 1

YouTube Videos

Blog

Account Takeover
Why I Switched to Sketch For UI Design

Account Takeover by Chaining Two IDORs
SSTI
Best Practices for Animated Progress Indicators

SSTI to Local File Read
Stored XSS
Designing the Perfect Feature Comparison Table

Account Takeover via Stored XSS
AWS S3 Bucket Misconfig
An Overview of E-Commerce Platforms

From Finding AWS S3 Bucket to Sensitive Data Exposure
See All Posts

Contact

San Francisco

415-832-2000

alex@example.com

Freelance Available

How Can I Help You?