Security Researcher
& Bug Bounty Hunter

Finding critical vulnerabilities in enterprise systems. Specializing in web security, authentication bypasses, and business logic flaws across major platforms.

Account Takeover Business Logic XSS & CSRF API Security Burp Suite Linux Terminal
terminal — bugatsec@portfolio:~
$ whoami
Ranveer "bugatsec" Kohli — Security Researcher
$ tools --primary
Burp Suite • Nmap • Gobuster • Sqlmap • ffuf • nuclei • custom scripts
$ findings --stats
14+ Valid Vulnerabilities • 3 Critical CVSS 9+ • 5 Platform Programs
$ _

Companies I've Hacked

Hack Club
Mercedes Benz
Porsche
Sporx
OpenAI
Hilton

Featured Findings

CRITICAL • CVSS 9.8

Full Account Takeover Chain

Hilton Honors

Chained unverified email registration with OTP race condition to hijack any user account, completely bypassing 2FA verification through logical flaw exploitation.

Account Takeover Race Condition 2FA Bypass Authentication
HIGH • P2

Business Logic Bypass

OpenAI (Bugcrowd)

Discovered and exploited message editing functionality to bypass conversation limits for free accounts, demonstrating fundamental business logic flaw in AI platform.

Business Logic Limit Bypass API Security
CRITICAL

Stored XSS to Account Control

Sporx (VDP)

Stored XSS in user profile fields (name, address) leading to cookie theft and full account compromise on major sports social media platform.

Stored XSS Cookie Theft Client-Side DOM
CRITICAL • CVSS 9.1

Production Config Leak

Playtika (Slotomania)

Custom dork discovery leading to exposure of 25+ API keys, Facebook App IDs, and production credentials through misconfigured cloud storage.

Information Disclosure API Keys Reconnaissance Cloud

Technical Skills

Web Vulnerabilities

  • XSS (DOM/Stored/Reflected)
  • SQL Injection & XXE
  • CSRF & Clickjacking
  • SSRF & Web Cache Poisoning
  • OAuth & SSO Vulnerabilities

Tools & Environments

  • Burp Suite Professional
  • Linux & Terminal Mastery
  • Custom Scripting (Python/Bash)
  • Docker & Virtualization
  • Network Analysis (Wireshark)

Methodology

  • Reconnaissance & Enumeration
  • Authentication Testing
  • Business Logic Analysis
  • API Security Testing
  • Bug Chaining & Exploitation

Security Projects

OPEN SOURCE

Dorking-Duck

Google Dorks generator with 150+ curated dorks for finding APIs, cloud exposures, directory listings, admin panels, and sensitive files for bug bounty research.

Python OSINT Reconnaissance CLI
View on GitHub
SECURITY TOOL

Ghostmark

Command-line image forensics toolkit for metadata extraction, steganography detection, image hashing, and password protection detection.

Python Forensics Image Analysis CLI
View on GitHub
EDUCATION

Raina

Cybersecurity awareness web toolkit featuring email breach checks, hash generators, link analyzers, and phishing awareness tools for educational purposes.

JavaScript HTML/CSS Security Education Web
View on GitHub
LEARNING

Exploit-Diary

Collection of notes and Python scripts for web vulnerabilities including SQLi, XSS, CSRF, and DOM-based attacks based on PortSwigger learning.

Python Security Notes Learning Automation
View on GitHub

Get In Touch

Email

bugatsec@gmail.com

GitHub

@Ranveerrrrr

Medium

Security Write-ups

LinkedIn

Professional Profile