
Hammas M
Freelance Web Penetration Tester
Skills

Bekijk mijn diensten


Portfolio
Werkervaring
Freelance Security Researcher & Penetration Tester
Freelancing Career • Freelance
Jan 2025 - Present • 1 yr 6 mos
I perform web application penetration testing and security assessments for clients across various industries. My work includes identifying critical vulnerabilities such as broken access controls, API security flaws, sensitive data exposure, and authentication bypasses using OWASP Top 10 methodology. I am also an active security researcher on the Bugcrowd bug bounty platform where I discover and responsibly disclose vulnerabilities in real-world web applications. My findings include unauthenticated API endpoints exposing PII, internal asset exposure in production environments, and WordPress security misconfigurations. Tools: Burp Suite, Nmap, WPScan, Nuclei, Postman, tcpdump, Wireshark Methodologies: OWASP Top 10, PTES, CVSS 3.1, API Security Testing