I’m a security researcher from Nepal focused on identifying and responsibly disclosing real-world vulnerabilities in web and API systems. I have responsibly disclosed hundreds of vulnerabilities across global platforms, helping organizations improve their security.
I’m Aawart KC, a penetration tester at YetiCyberOps Pvt. Ltd., based in Nepal, specializing in identifying and exploiting vulnerabilities in real-world web applications and enterprise systems. I contribute to offensive security research and perform security assessments focused on practical exploitation.
I participate in bug bounty programs and security platforms, where I have earned 30+ Hall of Fame recognitions for responsible vulnerability disclosures. I have reported hundreds of vulnerabilities across global platforms, helping organizations strengthen their security posture. I’m passionate about security research, responsible disclosure and continuous learning with active involvement in bug bounty programs, CTF competitions, and the security community.
Performing deep penetration testing and security research to identify critical vulnerabilities in enterprise environments. Helping clients strengthen their security posture by uncovering and responsibly reporting high-impact flaws in complex web systems before they can be exploited.
Contributed to securing 30+ well-known organizations through responsible vulnerability disclosures. Helped identify and report critical security flaws across enterprise and global platforms, including companies such as NASA, Red Hat, Cisco, Sony and others.
Won 1st place in an on-site solo bug bounty competition by identifying and exploiting real-world security vulnerabilities.
Secured 1st place in an on-site bug bounty and system penetration testing competition — my first on-site team victory.