H.O.P.E
Aashutosh
Devkota
Cyber Security Researcher  ·  Web Developer
Python Automation Enthusiast
Security Dev Python Educator
Get in Touch View work →
300+
Valid Vulns
Top 25
CISA Hacker List
aashutoshx24@nepal:~
whoami Aashutosh Devkota cat skills.txt Penetration Testing Bug Bounty Hunting Web Development Python Automation cat wins.txt 300+ Valid Vulnerabilities CISA Top 25 Hacker 2024 Security Researcher status Open to opportunities
Bug Bounty & Responsible Disclosure

Top Companies I Secured

Vulnerabilities responsibly disclosed to organizations across 4 continents

300+ Organizations  ·  Hall of Fame
Career

Work Experience

Code for Change
Vice Project Lead — Chitwan
Jan 2026 – Present · Full-time
Active
HackerOne
Security Researcher
May 2024 – Present · Freelance · 1 yr 11 mos
  • Ranked 2 Hackerone Leaderboard — VDP SECTION NEPAL SECTION (2025)
Active
Bugcrowd
Security Researcher
Mar 2024 – Present · Freelance · 2 yrs 1 mo
  • Assisted in identifying 60+ valid vulnerabilities across platforms
  • Ranked in the Top 25 Hacker List — CISA Annual Report (2024)
Active
Expertise

Core Skills

Offensive Security
Penetration TestingBug BountyOWASPRecon
Web Development
HTML/CSSJavaScriptREST APIs
Python Automation
ScriptingAutomationTooling
API Security
API TestingAuth FlawsInjection
$_
Linux & OS
Kali LinuxBashCLI
CVE
Vulnerability Reporting
PoC WritingCVEDisclosure
Credentials

Licenses & Certifications

APIsec University
APIsec Certified Practitioner
Issued Jan 2026
View Credential
Cisco
Ethical Hacker
Issued Feb 2025
View Credential
TryHackMe
Jr Penetration Testing
Issued Aug 2024
View Certificate
API
APIsec University
Certified API Security Analyst (CASA)
Issued Jan 2025
View Credential
Microsoft
Student Ambassadors Security Research Contributor
Issued Dec 2024
View Credential
Testimonials

What People Say

Aashutosh contacted my company to report a redirection vulnerability. The report was clear, actionable and concise. A Proof of Concept made it simple to replicate the issue and understand the implications.
Martin Chandler
Head of Technology Environments · Warwick Business School
Aashutosh recently discovered and responsibly disclosed a security vulnerability in a third-party service we utilize. Their detailed report made it easy for us to coordinate with the vendor's security team to get the issue fixed.
Colin McCune
Senior Director of Engineering · Sago Mini
Aashutosh responsibly submitted a vulnerability for one of our public-facing systems. They helpfully included information on how to reproduce it and references which helped us triage and remediate quickly.
Ryan Brooks
CTO for hire
Let's Connect

Open to Opportunities

Cybersecurity researcher & developer based in Nepal. Available for bug bounty collaboration, penetration testing engagements, and developer roles.

LinkedIn 1 HackerOne Bugcrowd Email
</> {} [] 0x