Madhusudan Acharya
0x4d5341
I break things so you don't have to. Specializing in web application security, vulnerability research, and penetration testing. Bug bounty hunter with findings acknowledged across multiple platforms.
Web Application Pentesting
Comprehensive security assessment of web applications including OWASP Top 10, business logic flaws, authentication bypass, and authorization issues.
API Security Testing
In-depth testing of REST and GraphQL APIs for broken access controls, injection flaws, rate limiting issues, and data exposure vulnerabilities.
Network Pentesting
External and internal network penetration testing to identify misconfigurations, exposed services, and exploitable vulnerabilities across your infrastructure.
Mobile Application Security
Security assessment of Android and iOS applications including reverse engineering, insecure data storage, and client-server communication analysis.
I provide professional penetration testing reports with detailed findings, severity ratings, reproduction steps, and remediation guidance. Below are sample assessment categories. Reach out to discuss your security needs.
I'm Madhusudan Acharya, a security researcher and penetration tester based in Sydney, Australia. Previously at Threatnix Nepal where I focused on web application security research. Currently pursuing a Master's in Information Technology with a specialization in Cybersecurity.
As an active bug bounty hunter since 2021, I've identified and responsibly disclosed vulnerabilities across multiple platforms including HackerOne and Bugcrowd. My focus areas include IDOR, XSS, business logic vulnerabilities, SSRF, and access control issues.