Profile Profile Hover

Raunak Gupta

Security Researcher

Freelance security researcher and bug bounty hunter specializing in Android, Web, and API security. Passionate about open-source, AI, and LLMs. Legally helps companies secure their digital assets through ethical hacking & responsible disclosure.

Recent Activities

Bug Bounty

Reported critical vulnerabilities in multiple corporate web applications.

Tool Release

Developed and published multiple original tools focused on Android and web application security testing.

Blog Post

Covered topics like Broken Access Control, Injection Vulnerabilities, and Business Logic Flaws.

Security Projects

Bug Bounty Findings

Exploiting Broken Access Control to Access My College Panel

A detailed write-up on how I discovered and exploited a vulnerability to access my college's internal panel without needing any credentials.

Critical View Report

Comment Section Takeover via IDOR on GeeksForGeeks.com

A write-up on how a single unauthorized request exploiting Insecure Direct Object Reference (IDOR) allowed me to take control of the comment section on the GFG platform.

High View Report

Security Tools

Elite Google Dorks Search by Biscuit

A powerful search tool by Biscuit to uncover sensitive files, login panels, and vulnerable parameters using curated Google dorks.

Google Dorks Recon Information Gathering
View on GitHub

Automation Scripts

BugBash One

A one-stop script to set up essential bug bounty tools instantly. Simplifies your recon and automation setup in a single run.

View on GitHub

Android Export Viewer

A lightweight tool to extract and display exported components from Android apps, helping identify exposed activities, services, and receivers for security analysis.

View on GitHub

Blogs & Proof of Concepts

Blog cover
May 7, 2025 2 min read

From JS Recon to HTML Injection

A quick walkthrough on how JS recon uncovered an HTML injection vulnerability for potential exploitation.

HTML Injection Client-Side
Read More
Blog cover
May 6, 2025 2 min read

Hacking Hospital: Mass PII Leak

A case study on how a vulnerability in a hospital system led to unauthorized access and exposure of sensitive patient information.

PII Exposure Healthcare Data Leak
Read More
Nov 10, 2024 4 min read

30 Must-Read Books to Learn Hacking

A curated list of 30 essential books covering ethical hacking, web security, networking, malware analysis, and more for all skill levels.

Hacking Books Cybersecurity Learning Resources
Read More
Nov 5, 2024 5 min read

55 YouTube Channels to Learn Hacking

A curated list of the best YouTube channels to learn ethical hacking, bug bounty, and cybersecurity from experts around the world.

YouTube Hacking Tutorials Cybersecurity
Read More

Infosec Documentation

Vulnerabilities

Insecure Direct Object References (IDOR)

Detailed writeup on identifying and exploiting IDOR vulnerabilities with mitigation strategies.

Read Documentation

WordPress Pentesting Guide

Guide to identifying and exploiting common WordPress issues like vulnerable plugins, weak admin panels, and misconfigurations with remediation tips.

Read Documentation

GraphQL API Security Testing

Short guide on exploiting GraphQL flaws like introspection, unauthorized access, and data leaks, with tips for secure implementation.

Read Documentation

Security Tools

Burp Suite

Complete guide to using Burp Suite for web application security testing.

Read Documentation

Browser Extension for Bug Bounty

A handpicked list of browser extensions that enhance productivity, automation, and reconnaissance during bug bounty hunting.

Read Documentation