Add Markdown syntax content to file _tabs/about.md and it will show up on this page.

Introduction

Bikram Kharal

IT engineer | Penetration Tester | Bug Bounty Hunter | Freelancer

City: Kathmandu, Nepal

Email: themarkib0x0@gmail.com

Summary

A highly motivated and disciplined cybersecurity professional with proven expertise in web application and network penetration testing. Skilled in identifying and exploiting vulnerabilities, conducting thorough security assessments, and delivering actionable remediation strategies.

Certifications

• Offensive Security Certified Professional(OSCP) — June 2025 - Never
• Certified Red Team Professional (CRTP) — June 2024 - Jun 2027
• Web application Penetration Tester eXtreme (EWPTXv2) — May 2023 - Never
• BurpSuite Certified Practitioner (BSCP) — Jan 2024 - Jan 2029
• Certified Red Team Analyst(CRTA) — May 2025 - Never
• Certified Network Security Practitioner(CNSP) - 2024
• Certified Appsec Practitioner(CAP) - 2023

Hall Of Fame

• Sony
• Nextcloud
• Mattermost
• BBC
• Nokia
• European Union
• United Nations
• Utrecht University
• Netreo
• Codescene
• University of Twente Hall
• Wageningen University
• Uxcam

Acknowledged by

• Dutch Government
• Eset
• University of Cambridge

Publications

• CVE-2024-22158 — PeepSo Core: Photos Plugin < 6.3.1.0 - Cross Site Scripting (XSS)
• CVE-2023-39959 — Nextcloud <= 27.0.1 - Information Disclosure
• CVE-2022-2198 — WPQA <= 5.5 - IDOR to disclose private message reply
• CVE-2022-1422 — Discy <= 5.0 - Cross Site Request Forgery to Restore Default

Education

• Bachelor of Information Technology Engineering (2021 - 2025) Nepal College of Information Technology

• +2 Level Education (Science Faculty) (2018 - 2020) Sagarmatha Higher Secondary School

Social Handles

• Github: https://github.com/themarkib
• LinkedIn: https://www.linkedin.com/in/themarkib/
• Twitter: https://x.com/themarkib
• Medium: https://themarkib.medium.com/

---