Security Researcher

Ilyas
Bouchantouf

// Bug Bounty Hunter & Vulnerability Researcher

Security researcher focused on web application security, account takeover research, and responsible vulnerability disclosure.

#3
U.S. Department of State
~200
Vulnerabilities Reported
15
Age of First Bug
๐Ÿ›ก๏ธ
Focus Areas

Security Research

Focused on real-world vulnerabilities across web applications, identity systems, and public attack surfaces.

๐Ÿ“‹
Responsible Disclosure
Reporting vulnerabilities ethically through public and private programs, following coordinated disclosure practices to protect users while giving organizations time to remediate.
Methodology โ€ข Impact โ€ข Responsible Disclosure
๐ŸŒ
Web Application Security
Researching real-world flaws in authentication, authorization, access control, and application logic across a wide range of public and private web platforms.
Methodology โ€ข Impact โ€ข Responsible Disclosure
๐Ÿ”—
Broken Link Hijacking
Identifying hijackable external references, abandoned social links, and brand-impersonation risks that expose organizations to reputational and security threats.
Methodology โ€ข Impact โ€ข Responsible Disclosure
๐Ÿ”‘
Account Takeover Research
Studying authentication flows, session handling, recovery mechanisms, and identity-related weaknesses that could allow unauthorized access to user accounts.
Methodology โ€ข Impact โ€ข Responsible Disclosure
Recognition

Achievements

Recognized by government agencies and international organizations for responsible vulnerability disclosure.

ibh@recon:~$ cat achievements.log
Writing

Articles & Write-ups

Documenting research, techniques, and stories from the field. Coming soon.

My First Bug at 15
Soon
Personal
How I Ranked #3 in the U.S. Department of State Program
Soon
Bug BountyResearch
Broken Link Hijacking: A Practical Research Path
Soon
Research
Account Takeover Research Notes
Soon
ATOResearch
Balancing Security Research with CPGE
Soon
Personal
Toolkit

Skills & Tools

๐ŸŒ
Web Security
๐Ÿ†
Bug Bounty
๐Ÿ“‹
OWASP Top 10
๐Ÿ”‘
Account Takeover
๐Ÿ”—
Broken Link Hijacking
๐Ÿ”
Reconnaissance
๐Ÿ
Python
๐Ÿง
Linux
๐ŸŽฏ
Burp Suite
๐Ÿ“ก
Nmap
Get In Touch

Contact

Open to collaboration, responsible disclosure coordination, and interesting opportunities.