I'm a Security Researcher based in India.
I hunt bugs, break systems, and build tools that help others do the same.
- 10+ CVEs published (XSS, RCE, SQLi, Auth Bypass, etc.)
- Contributor to Exploit-DB, Metasploit, and CIS Benchmarks
- Speaker at CrestCon (London) & ThreatCon (Kathmandu)
- Shellcode author and CTF machine creator for HTB & VulnHub
> echo "Touhid Shaikh"
┌──(root💀touhid)-[~/research]
└─$ whoami
Security Researcher | Exploit Developer | Open Source Contributor
┌──(root💀touhid)-[~/CVEs]
└─$ cat highlights.txt
OSCP | OSCE | CRT | CPSA | ISC² CC
CVE-2024-43381 - Stored XSS in reNgine
RCE on Netgear, TP-Link, OnePlus Web Services
MBA (ITASM) | BSc IT
Conferences: CrestCon (UK), ThreatCon (Nepal)
- Suid Binary - .so Injection (Weak File Permissions) (Privilege Escalation)
- Port Forwarding Explained
- PSV-2018-0182: NetGear WNR614 WiFi Home Router Unauthenticated Remote Admin Forcibly Logout
- (De | Un)serialization Detailed with Demo
- CVE-2024-43381 - Stored XSS in reNgine
- CVE-2021-29069 - Command Injection in Netgear Router
- CVE-2018-11714 - Auth Bypass in TP-Link Routers
- 10+ total CVEs - see full list on Exploit-DB
Proud to be acknowledged by:
- Apple - Security Misconfiguration
- Synology - Remote Code Execution, SSRF and Security Misconfiguration
- Netgear - Remote Code Execution and XSS and Security Misconfiguration
- OnePlus - Remote Code Execution
- Arlo, Registrar.gov, HackTheBox, PlaySMS, and more.
- PagedOut Magazine - Article on Netgear RCE
- Subzy Contributor - Subdomain Takeover Checker
- CIS Benchmark - pfSense Security Guidelines
- Metasploit Contributor - Custom Exploits
- ShellPop - Shell Generator Tool
Thanks to everyone who has referenced or credited my work in their repositories!