Hacker E-sport Logo

Salam! I’m Zishan Ahamed Thandar, a seasoned Cybersecurity Specialist and Ethical Hacker from Kolkata, India. With over 7+ years of hands-on experience in Penetration Testing, Bug Bounties, and Red Team Operations, I help organizations secure their digital assets against real-world threats. I specialize in Web App Security (WAPT), API Pentesting, and Vulnerability Research, backed by extensive experience in OWASP Top 10, SIEMs, and custom exploit development. Whether you're looking to audit a web platform, simulate advanced attacks, or harden your infrastructure, I’m here to deliver.

Let's collaborate to secure your future.

Offerings


Penetration Testing Report for Your System
Ultimate Web Security Checklist eBook
Sponsor via GitHub
Explore My GitHub Projects


Hall of Fames


Google
Oracle
AOL
MailRU
XiaoMi
EC-Council BB
EC-Council CC
Indian Govt
ZOHO
Shaadi.com
GeeksForGeeks
POST.nl
EUR.nl
ViSENZE
FineFriends
Hively




Bug Hunting Acknowledgements


Indian Govt
Netharlands Govt
Bangladesh Govt
EC-Council
GeeksForGeeks
PayTM
shaadi.com
Cambridge University


Qualification


B.Tech (AUE) 2015
HS(12th) 2011
Madhyamik(10th) 2009
Bosch 2013
Bosch 2014
NSDC 2015


Certified Skills


CWL Certified Red Team Analyst - CRTA
CWL Certified Cyber Security Analyst - C3SA
EC-Council Ethical Hacking Essentials
SoloLearn Python
SoloLearn JAVA
SoloLearn PHP
SoloLearn HTML
SoloLearn CSS
SoloLearn JavaScript
SoloLearn jQuery
Codecademy Python2
Codecademy Java
Codecademy Git&Github
Ardent Android


Experience


Bug Bounty Hunter at hackerone
Penetration Tester at Yogosha
Freelance Pentesting and Bug Bounty Hunting
CFSS Summer Internship


Projects


Burp Proxy Toggle FF Addon

Free Open Source Lightweight Firefox Pre configgured extension to toggle proxy for burp suite with one click.

Github Source
Firefox Addon

Writeups

HackTheBox, TryHackMe, VulnHub and Other CTF Writeups. Also some Bug Bounty PoC Writeups as Bonus.

GitHub Source
Writeup Link

Pentester Guide

A Basic Guide of Tools, Methodology, Scripts, Certifications, Learning, Labs, Jobs, Entertainment, Freelancing for Pentesters.

Guide Link
Webview

Hackify

Hackify is an open-source bash script to install pentesting wordlists and tools with a single command for Debian-based OS users.

Github Source
Author


Testimonials


“We greatly appreciate your effort in disclosing a security vulnerability responsibly & confirming the fix.”

Sai Prasad, Instamojo

“Thanks for your hard work, Zishan!”

AT&T

“We appreciate you bringing this to our attention.”

Edmodo

“Thank you for bringing the following vulnerability to our attention.”

Kate M Jeary, University of Cambridge


Contact Me




hackerone hackthebox TryHackMe


Resume (CV)