Jijin
Fullstack Developer · Indie Maker · Bug Bounty Hunter
Overview
Social Links
About
- Fullstack Developer and Indie Maker passionate about building products and open source tools.
- Skilled in Next.js, React, TypeScript, PHP, Laravel, GraphQL, and modern web technologies.
- Building products like HashMetrics, ClixWall, and CodeKeep.
- Creator of popular open source tools:
- VSCode Emoji Snippets: 149,000+ installs on VS Code Marketplace
- w3auth: JWT and refresh cookies with allowlist, NFT gating, and token gating
- Tailwind to CSS: Convert TailwindCSS to pure CSS
- SQL to GraphQL Schema Generator: Generate GraphQL schemas from SQL queries
- Cover Image Generator: Generate cover images with programming icons
- Bug Bounty Hunter: Found vulnerabilities on BuyMeACoffee, Fast.co, Flint & more.
- Currently building LootGO.app
- Hackathon Achievements:
- 2025
ETHGlobal Taipei - Participant (Boop) - 2024
ETHGlobal Bangkok 2024 - 🏆 Finalist (LootGO) - 2024
Farhack - 🏆 Finalist (Farhack Project) - 2024 ETHGlobal Frameworks - 🏆 Frameworks Finalist - 5 Prizes (Check-in Caster)
- 2023
ETHIndia 2023 - 4 Prizes - Airstack, 1inch & XMTP (Chain Scout) - 2023
ETHTokyo 2023 - 2 Prizes (DeCast) - 2022 ETHIndia 2022 - 7 Prizes including Polygon's Best UX (BeyondClub)
- 2022 Web3Conf India Hackathon - Prize Winner (Web3Conf Project)
- 2025
- Bug Bounty Findings: Found and responsibly disclosed 10 vulnerabilities across 10 platforms
- Fast.co - High (XSS)
- BuyMeACoffee - High (XSS)
- Spheron.network - Medium (Access Control)
- Alphatweet.xyz - Medium (IDOR)
- Paper.xyz - Medium (IDOR)
- MetaWork.Team - Medium (Security)
- MintNFT.Today - Medium (Security)
- Flint.money - Medium (Security)
- CrowdHolding - Medium (CSRF, XSS)
- Web3compass.xyz - Low (Access Control)
GitHub Contributions
Stack
Experience
LootGO
Current Employer- TypeScript
- Next.js
- React
- Node.js
- Web3.js
- Ethers.js
- PostgreSQL
- Tailwind CSS
BeyondClub
- TypeScript
- Next.js
- React
- Web3.js
- Ethers.js
- WalletConnect
- PostgreSQL
- Tailwind CSS
DevzStudio
Current Employer- TypeScript
- Next.js
- React
- Laravel
- PHP
- GraphQL
- Hasura
- PostgreSQL
- MySQL
- Tailwind CSS
- Web3
- Hardhat
Independent Projects
Current Employer- Product Development
- UI/UX Design
- Market Research
- User Acquisition
- Monetization
Bug Bounty Hunting
Current Employer- Web Security
- Penetration Testing
- Vulnerability Assessment
- OWASP
- Security Tools
- Reconnaissance
Open Source Contributions
Current Employer- Open Source
- Community Building
- Documentation
- Code Review
- Mentoring
Projects(7)
Sendacoin
Share your lens profile to collect payments!
HashMetrics
Connect multiple exchanges like Binance, FTX, Coinbase and blockchains to automate the collection of data from your crypto accounts.
CodeKeep
Organize your Code Snippets by assigning labels or grouping into folders. Generate Code Screenshots, Share and Discover reusable snippets.
Twimark
Organize your Twitter Bookmarks. Allows users to create label and bookmark the tweets.
Open Source(11)
w3auth
w3auth app allows access to JWTs and refresh cookies. Provide admins with the ability to limit access by allowlist, NFT gating, and token gating.
Tailwind to CSS
Built this tool convert tailwindcss to pure CSS. Helps users when they are migrating from tailwind to styled components / CSS..
URL Opener
I have made this tool to speed up my recon process (bug bounty). This one helps to filter the URL list and I can obtain the URL as per my requirements.
SQL to Graphql Schema Generator
Generate GraphQL Scheme Online From SQL Query. Paste SQL Query and click the run button to get the Graphql Schema. This one helps to boost my productivity in schema generation.
Security Research & Bug Bounty Findings
BuyMeACoffee
Discovered and reported a cross-site scripting (XSS) vulnerability in BuyMeACoffee platform, helping improve security for content creators.
Impact: Potential account takeover and data theft for platform users
Fast.co
Found and reported a cross-site scripting (XSS) vulnerability in Fast.co speed testing platform.
Impact: Potential malicious script execution affecting user data
Flint.money
Identified and reported a security vulnerability in Flint.money DeFi platform, contributing to safer decentralized finance.
Impact: Financial security improvement for DeFi users
CrowdHolding
Reported CSRF and XSS vulnerabilities on CrowdHolding platform, improving security for the crowdfunding community.
Impact: Enhanced security for crowdfunding participants
Paper.xyz
Discovered and reported an Insecure Direct Object Reference (IDOR) vulnerability in Paper.xyz NFT platform.
Impact: Unauthorized access prevention for NFT platform users
Alphatweet.xyz
Reported IDOR bug on alphatweet.xyz and created a pull request to fix the vulnerability, contributing directly to the codebase security.
Impact: Direct code contribution and security improvement
Spheron.network
Identified Improper Access Control vulnerability on Spheron.network decentralized hosting platform.
Impact: Access control security enhancement
Web3compass.xyz
Reported Access Control bug on web3compass.xyz, contributing to Web3 ecosystem security.
Impact: Web3 platform security improvement
MintNFT.Today
Discovered and reported security vulnerability in MintNFT.Today NFT minting platform.
Impact: NFT platform security enhancement
MetaWork.Team
Identified and reported security vulnerability in MetaWork.Team platform.
Impact: Team collaboration platform security improvement
