Arbaz Hussain

About Me

Experience

• Full-Time Bug Bounty Hunter (Mar 2016 - Mar 2022)
• Co-founded SecurityLit (Product Engineering) (June 2019 - Oct 2021)
• Web Application Security Triager at Immunefi (Apr 2022 - Present)
• Smart Contract Security Triager at Immunefi (Nov 2022 - Present)

Skills

• 🛡️ Ethereum-based Blockchain Security (Smart Contracts & DApp Auditing)
• 🔒 Web Application Security Testing
• 📱 Mobile Application Security (iOS & Android)
• ☁️ Cloud Security (AWS, Azure, GCP)
• 🛠️ DevSecOps & Web Security
• 🌐 Onchain Threat Monitoring Solutions
• 🎥 Motion Graphics & Video Editing (Adobe Premiere)
• 💻 Scripting Languages: Python, JavaScript, Bash
• 💻 Programming Languages: Golang, Rust, Solidity

Acknowledgements

• Top 100 hackers on HackerOne (2020)
• Synack Red Team Member for VAPT
• 250+ valid vulnerability reports via HackerOne (impact score of 20)
• 500+ overall valid reports across multiple platforms
• Acknowledged by 300+ companies, including Microsoft, Google, PayPal, etc.

Speaker @ Conferences

• BSides Ahmedabad 24: Web3 Bug Bounties: Why & How to Get Started
  Slides   Video


• DeFi Security Summit 24: The Bug Hunter's Guide to High-Quality Reporting
  Slides   Video


• BSides Ahmedabad 22: The Dark Side of DeFi
  Slides   Video


• Web3Conf Goa 23: Navigating EVM Chain Security: Smart Contract Vulnerabilities
  Video


• NULL-HYD 22: Introduction to Web3 & Security Pitfalls


• ThreatCon 22: Tour of Common Web3 Vulnerabilities

Open Source Projects

Maintaining open-source projects in Web3 security.

• EVM Vulnerabilities PoC Templates

  Creating reusable, easily modifiable PoC examples for various EVM-based vulnerabilities.

• Immunefi CLI Tool

  A Rust-based CLI tool that automates white-hat bug hunting processes.

Work Projects

Contributions to the Web3 community at Immunefi.

• Immunefi - Bounty Boosts Bug Reports
• Immunefi - Internal Audit of the Vault System & Arbitration
• Immunefi Community Challenges
• Wormhole Uninitialized Proxy Bugfix Review
• How ERC Standards Work - Part 1
• Synthetix Logic Error Bugfix Review
• Polygon Consensus Bypass Bugfix Review
• Moonbeam Missing Call Check Bugfix Review
• Sense Finance Access Control Issue Bugfix Review
• Aurora Withdrawal Logic Error Bugfix Review
• Immunefi POC Templates
• Beanstalk Logic Error Bugfix Review
• DFX Finance Rounding Error Bugfix Review

Personal Projects

Twitter Timeline

Book Recommendations

Thus Spoke Zarathustra

By Friedrich Nietzsche

An epic philosophical work that challenges and empowers readers to explore the depths of individual purpose.

Man's Search for Meaning

By Viktor E. Frankl

A profound reflection on surviving the Holocaust and discovering life's ultimate purpose.

The Forty Rules of Love

By Elif Shafak

A mesmerizing story that interweaves the lives of a modern woman and the legendary poet Rumi.

Limitless

By Jim Kwik

Techniques and mindsets for unleashing your brain's full capacity and achieving high-performance goals.

Be Here Now

By Ram Dass

An inspirational guide bridging Eastern spirituality and Western consciousness, urging us to live mindfully.

Personal Blog

• Why do I listen to music?
  [experience] [perspective] [music] • 5 Jun 2024
• Who's Got the Monkey?
  [leadership] [delegation] [productivity] • 1 Jan 2025
• Team Mate or Relationship? Learning while Trekking
  [experience] [perspective] [relationships] • 7 Jan 2025
• How Blockchain Technology Enhances Ethical Islamic Finance?
  [experience] [finance] • 3 Jan 2025
• How Society's Silent Shadows Influence Crime?
  [society] [philosophy] [injustice] • 16 Aug 2024
• My Skiing Adventure at Shymbulak, KZ
  [experience] [adventure] [life] • 19 Jun 2024
• Why Breaking Free from Expectations Changed My Life?
  [experience] [perspective] [life] • 19 Jun 2024

Bucket List

Spotify List

2023 Year in Sports: Strava 🏃