Shahadat Fahim

@shahadatfahimc

5.0(9)

Cyber Security Expert, Penetration Tester, Bug Bounty Hunter

Bangladesh

English, German, Russian, Spanish

About me

Hi, I'm Shahadat Fahim — a Certified Penetration Tester (eJPT, CRTOM) and Bug Bounty Hunter with hands-on experience in web application security. I help businesses identify and fix real vulnerabilities before attackers do — using OWASP Top 10, Burp Suite, and manual testing techniques. ✅ Certified: eJPT | CRTOM | TryHackMe Jr. Pentester ✅ Experience: Web App Pentesting, API Security, Auth Bypass, IDOR, Business Logic Flaws ✅ Deliverable: Professional PDF report with PoC, CVSS score, and remediation steps No automated scanner dumps. Real manual testing only.... Read more

Skills

Shahadat Fahim

Offline •

Portfolio

Work experience

Freelance Penetration Tester & Bug Bounty Hunter

Self-Employed

Aug 2025 - Present • 10 mos

Conducted web application penetration tests for clients worldwide. Identified critical vulnerabilities including IDOR, JWT flaws, XSS, and API key exposure. Active bug bounty hunter on HackerOne, Intigriti, and YesWeHack.

Web Application Penetration Tester

Cyber Bangla • Full-time

Feb 2025 - Nov 2025 • 9 mos

Executed OWASP Top 10 security assessments, identified vulnerabilities, and validated client remediation efforts. Delivered CVSS-scored reports with actionable fixes.

Web Application Penetration Tester

WebBattalion • Part-time

Feb 2024 - Nov 2025 • 1 yr 9 mos

Conducted web and API penetration testing using bug bounty-style methodologies. Tested authentication flows, business logic, and API endpoints for security flaws.

Need to get creative?

Looking for tech experts?

Ready to reach and convert consumers?

Looking for writers?

Get your business running smarter

Shahadat Fahim

Portfolio

Work experience