Lawal Qasim Akanji

Cybersecurity Specialist | Bug Bounty Hunter

About

A highly motivated and hands-on Cybersecurity Specialist with proven expertise in API and web application security, including extensive practical experience in bug bounty hunting. Proficient in identifying and mitigating complex vulnerabilities such as logic flaws, broken access control (BAC), and insecure authentication flows. Adept with industry-standard tools like Burp Suite, Nmap, and Nuclei, complemented by a strong foundation in network fundamentals and web security testing. Demonstrated ability in responsible disclosure and vulnerability reporting on live platforms. Eager to leverage offensive security skills to contribute to a dynamic security team and solve real-world challenges.

Work Experience

Bug Bounty Hunter

Freelance

Dec 2025 - Present

Independently conducted comprehensive security assessments and reported critical vulnerabilities across diverse live web applications within private and public bug bounty programs.

  • Expertly identified and exploited critical API and web application logic flaws, including Broken Access Control (BAC), Insecure Direct Object Reference (IDOR), and authentication bypass vulnerabilities.
  • Executed comprehensive security testing and real-world exploitation across diverse application environments, enhancing system resilience.
  • Strengthened analytical and problem-solving capabilities by meticulously investigating complex business logic and access control issues, leading to effective vulnerability resolution.

Vulnerability Assessment and Penetration Testing (VAPT) Intern

Cyberplural MSSP Limited

Dec 2025 - Present

Participated in vulnerability assessments and penetration testing engagements, developing practical skills in network and application security.

  • Gained practical experience in network scanning and vulnerability identification using industry-standard tools like Nmap and Nessus.
  • Collaborated effectively with cross-functional teams to conduct thorough vulnerability assessments, improving overall security posture.
  • Developed proficiency in utilizing advanced penetration testing tools, including Metasploit, under direct supervision.
  • Contributed significantly to client security training initiatives, enhancing client understanding and adoption of best security practices.

Education

Computer Science

Federal Polytechnic Bauchi

Certificates

API Fundamentals, API Penetration Testing, OWASP API Security Top 10

APIsec University

Skills

Web Application Security

  • API Security
  • Bug Bounty
  • Logic Flaws
  • Broken Access Control (BAC)
  • Insecure Authentication
  • Business Logic Vulnerabilities
  • IDOR
  • Authentication Bypass
  • OWASP Juice Shop
  • PortSwigger Web Security Academy

Penetration Testing

  • Vulnerability Assessment
  • Exploitation
  • Security Testing
  • Offensive Security
  • Metasploit
  • Burp Suite

Network Security

  • Network Fundamentals
  • Nmap
  • Nessus
  • Nuclei
  • Network Scanning

Vulnerability Management

  • Responsible Disclosure
  • Vulnerability Reporting
  • Remediation

Analytical Skills

  • Problem Solving
  • Critical Thinking
  • Investigation

Collaboration

  • Teamwork
  • Cross-functional Teams