// offensive security researcher

Prakhar.

aka prakhar0x01 (Ghost)

Offensive security researcher and B.Tech CSE student with 2+ years of hands-on vulnerability research, web & API penetration testing, and responsible disclosure across Fortune 500 companies and government organisations. Reported 100+ valid vulnerabilities and authored 5 CVEs in widely deployed software. Ranked Top 100 security researchers in India on HackerOne (2025).

Top 100 India, HackerOne 2025 · Top 5%, TryHackMe · 5 CVEs, 2025 · OWASP Contributor · B.Tech Computer Science and Engineering

  • 100+ valid vulnerabilities disclosed
  • 5 CVEs authored (2025)
  • #100 India, HackerOne leaderboard 2025
  • Top 5% globally on TryHackMe
01 // track_record

Hall of Fame

  • Google: Privilege Escalation
  • United Nations: PII Leak (1M+ records)
  • US Dept. of Defence: PII Leak & Account Takeovers
  • NASA: Multiple Account Takeovers
  • Netherlands Government: Internal Server Access (SSRF)
  • Starbucks: Information Disclosure
  • LeetCode: Business Logic Exploitation
  • Groww: Information Disclosure
  • City of Los Angeles: Multiple Access Controls & PII Exposures
  • Mars: PII Exposures
  • Stanford University: Account Takeovers
  • MTN: LFI & Information Exposure
  • Kaseya: Account Takeover
  • Sony: Remote Code Execution (RCE)
  • Informatica: Critical PII Exposure
  • Hilton: Code Injection
  • British Airways: Information Disclosure
  • & more programs [confidential]
02 // experience

Work Experience

Security Researcher Jun 2024 – Present
HackerOne (Independent)
Remote · Bug Bounty & Responsible Disclosure
  • Discovered and responsibly disclosed 100+ valid vulnerabilities across Fortune 500 and government organisations — Google, Sony, Starbucks, British Airways, Informatica, United Nations, US Dept. of Defence, and more.
  • Identified high-impact vulnerabilities including RCE, IDOR, Auth Bypass, Privilege Escalation, SSRF, and PII Exposure (1M+ users); each submission delivered with full PoC, reproduction steps, impact assessment, and remediation guidance.
  • Authored 5 CVEs: CVE-2025-59541, CVE-2025-59542, CVE-2025-59543 (Chamilo), CVE-2025-64489, CVE-2025-64490 (SuiteCRM), affecting widely deployed open-source software.
  • Ranked Top 100 security researchers in India (2025) on HackerOne; Top 5% globally on TryHackMe. Multiple Hall of Fame recognitions.
  • Produced structured vulnerability reports covering CVSS scoring, MITRE ATT&CK mapping, business impact analysis, and step-by-step remediation.
Open Source Contributor Jan 2026 – Present
OWASP Foundation — Project Cornucopia
Remote · github.com/OWASP/cornucopia
  • Designed and shipped a Swagger API (/api/docs) endpoint for WebApp and MobileApp editions, improving API discoverability and enabling automated integration testing.
  • Resolved SSR failures and navigation inconsistencies across web and mobile editions through version and language routing for card pages.
  • Strengthened data integrity through schema-level input validation, preventing database truncation errors in production.
  • Resolved Docker build and CI/CD pipeline failures; contributor across 5 releases: v2.6.14, v2.6.20, v2.6.21, v2.6.24, and v2.6.30.
03 // projects

Open Source Projects

04 // technical_skills

Skills & Tools

Offensive Security
Web Pentesting, API Security, VAPT, Vulnerability Research, Business Logic, Threat Modelling, Responsible Disclosure, CVSS Scoring, Attack Surface Mapping
Tools
Burp Suite Pro, Caido, Nuclei, FFUF, Nmap, Amass, Metasploit, SQLMap, Frida, ADB, Shodan, Git
Programming & Scripting
Python, Bash, Node.js, C, SQL
Frameworks & Standards
OWASP Top 10, MITRE ATT&CK, NIST CSF, CVE/NVD, PTES, CVSS v3.1
Cloud & Infrastructure
Linux (primary OS), Docker, CI/CD Pipelines, AWS Fundamentals, API Security
05 // cve_assignments

CVE Assignments

06 // certifications

Certifications & Achievements

Pentathon Finalist 2024 & 2025
Government of India · National-level VAPT competitive exercise
Smart India Hackathon Finalist
Government of India · National hackathon, security-focused solutions
Certified AppSec Practitioner (CAP)
The SecOps Group · Application security & secure development
Certified in Cybersecurity (CC)
ISC2 · Security principles, access controls, network security
07 // testimonials

What Programs Say

"Professional, high quality, and well written reports from Prakhar0x01. Thank you for your time and dedication identifying and reporting vulnerabilities. Anytime I come across one from Prakhar0x01 I already know it's going to be a good report. Thank you."

"Thank you Prakhar for reporting issues on Celigo's integration platform and making our business systems safer. Keep up the good work."

"This hacker's reports are very well written. The steps to reproduce are always clear and easy to follow, making the triage process smoother. Additionally, this hacker maintains a professional and friendly behaviour in all communications, which is greatly appreciated."

08 // latest_posts

Write-ups & Blogs
