NusaSec

Welcome to NusaSec Team

Security researchers for real-world digital safety.

NusaSec is a focused team working on bug bounty, vulnerability research, and practical security support for teams that ship software.

Meet the Team
Meet the Team
Vulnerability Research / Bug Bounty / Web Security / Responsible Disclosure /
Impact Validation / Triage Ready Reports / Application Security / Clear Remediation /

About

A small team built around practical security work.

NusaSec is a security team focused on vulnerability research, bug bounty, and web security. We keep the work simple: understand the target, find real issues, write clear reports, and help teams fix what matters.

Our Amazing Team

Meet the people behind NusaSec

We are vulnerability researchers and operators helping teams find and fix security issues.

Security Researcher
0xShdax profile photo

0xShdax

Offensive Security Professional

Security Researcher
riodrwn profile photo

riodrwn

Red Team Enthusiast

Security Researcher
eo420 profile photo

eo420

Offensive Security Researcher

Security Researcher
type5afe profile photo

type5afe

Blockchain Security Practitioner

Projects we secured

Security work across public programs

Selected companies and ecosystems where our team has contributed vulnerability research and responsible disclosure reports.

Bumble logo
Uniswap logo
Booking logo
Pancake logo
Goto logo
Caterpillar logo
Kayak logo
Hyperbridge logo
X logo
Seal logo
Linktree logo
Bumble logo
Uniswap logo
Booking logo
Pancake logo
Goto logo
Caterpillar logo
Kayak logo
Hyperbridge logo
X logo
Seal logo
Linktree logo
Bumble logo
Uniswap logo
Booking logo
Pancake logo
Goto logo
Caterpillar logo
Kayak logo
Hyperbridge logo
X logo
Seal logo
Linktree logo
Bumble logo
Uniswap logo
Booking logo
Pancake logo
Goto logo
Caterpillar logo
Kayak logo
Hyperbridge logo
X logo
Seal logo
Linktree logo

Services

What we do

Simple security work: find issues, explain impact, help teams fix them.

Capability

Vulnerability Research

Find CVE-grade issues and prove real-world exploitability.

Deep technical research across applications, infrastructure, blockchain protocols, smart contracts, and exposed attack surfaces.

Root cause
Proof of concept
Disclosure notes
Output: CVE-ready research

Capability

Bug Bounty Operations

Active hunting across public and private security programs.

Research experience across HackerOne, Bugcrowd, HackenProof, Immunefi, Web3 ecosystems, and private disclosure programs.

Program scope review
Exploit chain
Report package
Output: Platform-ready reports

Capability

Red Teaming

Map attack paths and test defensive assumptions.

Adversary-style testing focused on practical paths to access, lateral movement, privilege gain, and remediation priorities.

Attack path
Detection notes
Fix priorities
Output: Actionable red team findings

Recent Blog Posts

Notes from the NusaSec team

Field notes on vulnerability research, bug bounty reporting, and practical security testing from the NusaSec team.

ResearchMay 2026

How we approach practical vulnerability research

A short look at how our team scopes targets, validates impact, and writes reports that engineering teams can act on.

Read post
Web SecurityApril 2026

Common web security issues we still find in production

Notes from recent testing patterns, including access control mistakes, exposed workflows, and weak trust boundaries.

Read post
Bug BountyMarch 2026

Writing bug bounty reports that survive triage

What makes a report easier to reproduce, prioritize, and fix without adding noise for program teams.

Read post

Contact and Join Us

Talk with the NusaSec team

For security work, research collaboration, or team inquiries, send us a message.