Isle of security

Blog

  • Whoami

    ┌──(tayyab㉿security)-[~/whoami]
    └─$ whoami

    Muhammad Tayyab Qadir
    OSCP Certified Penetration Tester
    Offensive Security Engineer @ Wimi

    Specializing in:
    – Web & API Pentesting
    – Authentication Bypass
    – Account Takeover Research
    – Red Teaming

  • Acknowledgements

    • Artlogic Media Ltd: Awarded £7,000 for successfully identifying a critical vulnerability in the admin panel.  
    • Huntress: Earned $7,331 for critical findings related to admin panel access and control flaws.  
    • Mobile Tracker Free: Awarded €5,000, including rewards for high-impact vulnerabilities in the admin interface.  
    • Rewind.io: Contracted for a 6-month engagement, earning $5,000 for the first 2 months and $4,000/month thereafter; continued reward of $6,750 in 2025 for sustained contribution.  
    • Recognized by Microsoft and added to their Security Researcher Hall of Fame, earning a Silver Recognition Coin.  
    • Listed in the Hall of Fame of companies for discovering unknown vulnerabilities: Oracle, cPanel, Sony, SAP, Bitdefender, BMW, Transloadit, Yanomo, ESET, Blackberry, AVG, Picture Push, Intel, Ruby on Rails, Recurly, Inc, X (Formerly Twitter), Admiral, Udemy, Automattic, Rentalcars.com, Chrono24 GmbH , AppLovin, Inc, Dynamic Labs, Fig, Kaspersky, Bitaccess, Mixmax, Keybase, Colourbox ApS, ROCeteer, Zenefits, Xero, Indeed, Optimizely and more (100+ could provide prove upon request)

      Thank you.