Akash Ghosh

Akash Ghosh

@myselfakash20

Cybersecurity Expert | Bug Bounty Hunter | Security Researcher


Cybersecurity expert and bug bounty hunter, helping secure companies since 2022.

Explore My Projects BugBounty-Tools

About Me

I’m Akash, a passionate cybersecurity researcher and full-time bug bounty hunter since 2022.

I specialize in:
- Recon & OSINT Automation
- Google Dorking & Search Engine Recon
- Vulnerability Discovery & Exploitation
- Web Application Security (OWASP Top 10)
- Logic flaws,APIs, IDORs, XSS, Broken Access Control
- Subdomain Takeover, SSRF, CSRF, RCE, LFI, SQLi
- Finding unlisted/forgotten assets
- Private, independent bounty programs
- Thinking outside the scope


I see vulnerability research as a business asset - not just a technical role. My focus is on delivering measurable security outcomes.

Skills I Have

Pentesting:


Recon & OSINT Automation
Dorking & Search Engine Recon
Web App Security (OWASP Top 10, API Testing, Logic Flaws)
Advanced Recon & Asset Discovery
JS File Enumeration, Parameter Fuzzing



Languages:


Bash
Python
JavaScript
HTML/CSS
SQL
Java

Tools I Use

Recon & OSINT:


Amass
theHarvester
Subfinder / Assetfinder / Chaos
Shodan / Censys
FOFA / ZoomEye
GitHub Dorking / GitLeaks


Web/App Testing:


Burp Suite Pro
ZAP (OWASP)
Postman / Insomnia
Kiterunner / Dirsearch / Feroxbuster
Mitmproxy
Nmap / Masscan
SQLMap / XSStrike

Automation & Workflow:


Nuclei
GF + custom patterns
Waybackurls / gau / Hakrawler
QSReplace / Uro / Dalfox
MassDNS / dnsx / httpx-toolkit
ffuf / x8

Enumeration & Analysis:


JSParser / LinkFinder
SecretFinder / JSSecret
Gitleaks / TruffleHog / Gitrob
Retire.js / Wappalyzer CLI

Infrastructure / Hosting (if needed):


DigitalOcean & Aws
Ngrok & Localhost.run
Cloudflare Workers / Pages
Vercel / Netlify
Github Pages / Gist

Blog

I regularly publish educational writeups, bug bounty reports, and security research insights to share knowledge with the community and help others learn real-world hacking techniques.


All posts are written with clarity, practical value, and are based on real hunting experiences. Check them out on:

Visit Blogs

Hall of Fame

Recognized by these companies for security research:

Microsoft Tidal

Contact Me

Let’s connect. I'm open to:


- Private bug bounty programs
- Security research collaborations
- Mentorship opportunities
- Speaking engagements
- Freelance pentest work
- Recon or security collabs