Zubair Usman Profile Picture
Available

ZUBAIR USMAN

Software Engineer | Developer | Bug Hunter

Helping businesses build secure, scalable, and high-quality software through full-stack development, cybersecurity, and software testing expertise.

ABOUT ME

I’m a passionate tech professional with expertise in development, cybersecurity, and software quality assurance. I help startups and businesses build secure, scalable, and well-tested applications by combining full-stack development skills with security-first thinking and quality-driven workflows. From automating tests to identifying vulnerabilities, I deliver clean, efficient, and secure solutions. Let’s connect if you're looking for someone who can code, test, and protect all in one place.

Personal Info

  • zus3cu@gmail.com
  • (+92) 3005258451

Language Skills

  • Urdu: Native Speaker
  • English: Professional Proficiency

PROJECTS & EXPLOITS

SSRF Exploitation Cheatsheet

2025
Web Security | SSRF | Burp Suite
  • Comprehensive cheatsheet for Server-Side Request Forgery (SSRF) vulnerabilities
  • Covers payloads, bypass techniques, and real-world exploitation scenarios
  • Useful for bug bounty hunters, penetration testers, and red teams
  • Includes Burp Suite configurations and SSRF chaining strategies
View Resource

OffSec Automation Toolkit

2024
Bash | Nmap | Sublist3r | Amass | Gau | Waybackurls | Dirsearch
  • Developed a modular Bash-based toolkit for efficient offensive security automation
  • Automates reconnaissance and enumeration using top open-source tools
  • Single script (`file.sh`) integrates scanning, subdomain discovery, and directory brute-forcing
  • Ideal for bug bounty and penetration testing workflows
View Toolkit

BugDrillX

2025
HTML | TailwindCSS | Cybersecurity | OWASP
  • Launched a full-stack educational platform for aspiring bug bounty hunters
  • Features structured learning paths: Recon, Web/Mobile Testing, Cloud, and more
  • Integrated real-world labs and tools for hands-on practice
  • Empowered over 500+ users to kickstart their ethical hacking journey
Visit BugDrillX

Edison Lighting MIS System

2024
C# | .NET Framework | Windows Forms | SQL Server
  • Developed a desktop-based Management Information System for a lighting company
  • Utilized Windows Forms and C# to build a user-friendly interface
  • Connected to SQL Server for structured data management and reporting
  • Compiled into a secure `.dll` for custom module deployment
View Edison-Lighting-MIS

Remote Code Execution (RCE) – Bug Bounty PoC

2024
Burp Suite | JavaScript Debugging | Exploit Development
  • Discovered critical Remote Code Execution vulnerability in a private web application
  • Exploited insecure eval() usage leading to command injection
  • Crafted a working proof-of-concept using JavaScript payloads and browser dev tools
  • Reported via responsible disclosure and received acknowledgment
View PoC on LinkedIn

WordPress Hosting Vulnerability Assessment

2024
Burp Suite | Manual Testing | Recon | WordPress
  • Discovered multiple critical vulnerabilities on a WordPress hosting platform
  • Exposed configuration files including wp-config.php and other sensitive data
  • Identified XSS flaws, directory listing exposures, and misconfigured HTTP headers
View Case Study

EDUCATION & TRAINING

Bachelor of Science in Software Engineering

Sep 2018 - Aug 2022
Abasyn University Of Sciences And Technology Peshawar peshawar.abasyn.edu.pk

Peshawar, Pakistan | EQF level 6

Matriculation in Computer Science

Jul 2012 - Aug 2014
GOVT Boys High School Rawalpindi

Rawalpindi, Pakistan | EQF level 4

DIGITAL SKILLS

Technical Skills

Project Management 90%
Technical Writing 85%
Article Writing 80%

Cyber Security

Bug Hunting 95%
Penetration Testing 90%
OWASP Top 10 92%
Linux Security 88%

Software Quality Assurance

Manual Testing 85%
Agile Testing 80%
Functional Testing 88%

Development

WordPress Development 82%
Python Scripting 78%
Packet Tracer 75%

PUBLICATIONS & AWARDS

Publications

Bug Bounty Hunting (2021)

This article discusses what bug bounty hunting is and how to get started. It also provides a list of resources for learning more about bug bounty hunting. Some of the important points are that bug bounty hunting is a great way to learn about security and that there are many different resources available to help you get started.

Bug Bounty Methodology (Volume 2) (2021)

This article discusses what bug bounties are and how to get started. It also details different reconnaissance and enumeration techniques to use when searching for vulnerabilities. Some specific vulnerabilities covered are XSS, SQL injection, and CSRF.

Bug Hunting with GPT: Tips, Tricks, and Prompts (2023)

Bug hunting is an essential aspect of software development. It involves identifying, analyzing, and fixing bugs to ensure the software functions as intended. With the advent of AI technologies like Generative Pretrained Transformer (GPT), bug hunting has become more efficient and effective. This article provides tips, tricks, and insights on how to leverage GPT for bug hunting.

Honors & Awards

Best Employee of the Year (2022)

Awarded by BRT Peshawar for dedication, hard work, and commitment to excellence that made a significant impact on the organization.

CONTACT ME

Get In Touch

Location

Rawalpindi Cantt, Pakistan

Email

zus3cu@gmail.com

Phone

(+92) 3005258451

WhatsApp

+92 3005258451

Follow Me

Send a Message