Shashank Bagule

Independent Security Researcher & Bug Bounty Hunter

Freelancer.com • Freelance

Nov 2025 - Present • 6 mos

I am an Independent Security Researcher and Bug Bounty Hunter with proven experience in identifying high-impact vulnerabilities in real-world production environments. I have successfully discovered and responsibly disclosed multiple security issues, including a CVE (CVE-2025-55184) and a high-severity JWT vulnerability for Xeal, for which I received a monetary bounty. I was also recognized in the official Security Hall of Fame of GEA Group for identifying critical API key exposure that could have led to financial misuse. My work has contributed to improving the security posture of production systems by identifying vulnerabilities such as authentication bypass, API misconfigurations, and sensitive data exposure. My expertise includes Web Application Security, API Security, Authentication Bypass, and OWASP Top 10 vulnerabilities. I use industry-standard tools such as Burp Suite, Nuclei, Nmap, Subfinder, and Amass for deep security testing. I focus on delivering clear, actionable reports that help organizations secure their systems effectively.