$ whoami

Iliya Dindar

Engineering secure, scalable systems — hunting whatever breaks them.

Computer Engineer · Bug Hunter · AI Enthusiast

Based in Istanbul. I explore AI & NLP, hunt vulnerabilities through OWASP methodology, and ship tools that solve real problems.

View Projects Download CV
Open for collaboration
Studying OWASP Top 10
Istanbul, TR
current focus

What I'm working on

security

OWASP & Bug Bounty

Deep-diving into OWASP Top 10, practicing DOM XSS, CSRF, and injection vectors. Active in CTF challenges and bug hunting.

ai/ml

AI & NLP Exploration

Learning transformer architectures and experimenting with neural networks. Building AI-powered tools with real-world applications.

development

Full-Stack Systems

Shipping production apps with Next.js + TypeScript frontends and Python/Flask backends. Admin panels, APIs, and WebSocket services.

learning

Self-Directed Research

Exploring AI, NLP, and quantum computing concepts through personal projects, experiments, and deep dives into papers.

20+ Telegram bots shipped
12K+ Active bot users
6+ Production projects
3 Languages spoken
about

Who I am

Education

Computer Engineering, Nişantaşı University — 2nd Year

Interests

AI, NLP & Quantum Computing

Languages

English · Persian · Turkish

Security

Penetration Tester · Bug Bounty · OWASP

Builder

20+ Telegram bots (12K+ users), PyPI packages, full-stack apps

stack

Technologies

Languages

Python TypeScript JavaScript PHP C++ SQL Bash

Backend & Frameworks

FastAPI Flask Django Next.js Node.js

AI / ML

PyTorch TensorFlow Whisper AI Transformers

Data & Infra

PostgreSQL MySQL MongoDB Redis Docker Linux Nginx Caddy Apache

Security

OWASP Burp Suite Nmap CTF
projects

Things I've built

IliyaMed

Full-stack social platform with PHP frontend, Flask REST API, Next.js admin panel, WebSocket server terminal, and MySQL backend. Deployed in production.

PHP Next.js Flask MySQL WebSocket

TNT-AI

Real-time speech transcription & translation powered by Whisper AI with offline neural machine translation.

Whisper FastAPI React Native Docker

PyRoxi

High-performance async proxy library for Python with SOCKS5/HTTP support. Zero dependencies. Published on PyPI.

Python AsyncIO PyPI

Strategic GameBot

Multiplayer war-simulation Telegram bot with real-time strategy mechanics and persistent game state.

Python Telegram API Game Design

TrumpBot

AI-powered Telegram bot for fun group engagement with NLP-driven interactions.

Python NLP Telegram

ZipBike

File compression tool supporting Huffman, LZ77, and RLE algorithms with a custom .zbik format.

C++ Algorithms Compression
view all repositories on github
milestones

Achievements

GitHub Pro — Starstruck, Pull Shark ×2, Quickdraw badges

PyPI Published — Open-source Python packages in production

20+ Telegram Bots — Including one with 12K+ active users

Production App — Full-stack social platform live at lab.iliyadindar.site

CTF Player — DOM XSS, filter bypass, JS URI exploits

Cloud Deployments — VPS, Docker, production backends

security research

Writeups from the field

featured writeup

DOOM — Chaining CSPT, Open Redirect & XSS

Three findings that look minor on their own — a client-side path traversal, an open redirect, and an XSS sink — chained into a working exploit. Discovery, payload construction, and impact, step by step.

CSPT Open Redirect XSS Exploit Chain
read the writeup
more research on the blog
services

What I can build for you

Telegram Bots

Custom bots for automation, games, communities, and business — 20+ delivered, 12K+ users served.

Full-Stack Web Apps

Production-ready apps with Next.js, Flask/FastAPI backends, MySQL/PostgreSQL, and admin panels.

Security Audits

Junior penetration testing, OWASP Top 10 assessment, and vulnerability reporting for web applications.

Have a project in mind?

I'm open to freelance work and collaborations. Let's build something together.

Get in touch
connect

Get in touch

GitHub LinkedIn X Telegram Email Blog