The Hacker Behind the Brand

Insha Jabeen. The hands on the keyboard.

Security researcher, bug bounty hunter, and the founder of Medusa. This is the long version of how the brand came to be.

Medusa mark

@Medusa0xf

Insha Jabeen

Content CreatorEditorContent WriterSnake Bytes hostBug Bounty HunterSecurity Researcher

The story so far.

Medusa started where most security careers do. Deep in tutorials, late at night, breaking things nobody was supposed to. That turned into writing. Over 4+ years of cumulative work at Akto, the team shipped technical content for pentesters and developers on API security and OWASP issues, and realized most security content on the internet was written by people who had never actually exploited the thing they were describing. So Medusa started making its own.

The Medusa YouTube channel began as a way to share what we were learning. CVE breakdowns, bug bounty walkthroughs, real attacks from real reports. Along the way Insha ran a six-month security research internship at Traceable by Harness (Nov 2024 to May 2025), running internal pentests, API assessments, and detailed remediation reports. Medusa has published public writeups of HackerOne findings, including a $3,000 IDOR in a delivery app, and hosts the Snake Bytes podcast. 42,000+ people subscribe to the channel.

Medusa is the next step. The studio version of what started as a channel. If you are a security brand building in public, and you want content that earns respect from the people you are selling to, you are in the right place.

Timeline.

  1. 2022

    First technical writeup

    Exploiting XSS with JavaScript and JPEG polyglots. Publicly posted. Things escalated from here.

  2. 2023

    Content Writer at Akto

    4+ years of cumulative work writing API security and OWASP content for engineers.

  3. 2024

    Medusa channel crosses 10K

    The "10k the heck" moment.

  4. Nov 2024

    Security Research Intern, Traceable by Harness

    Internal pentests, API assessments, remediation reports.

  5. 2025

    $3,000 IDOR public writeup

    HackerOne bug bounty, fully published walkthrough.

  6. 2025

    Snake Bytes podcast launches

    Real attacks, real code, no fluff.

  7. 2026

    Medusa becomes a studio

    The brand you're looking at right now.

The arsenal

Every tool. Every attack surface. Every format.

The working kit behind every Medusa asset. Hover a group to see the weapons we pull off the shelf most.

Offensive

Tools we reach for on every engagement.

Burp Suite

Intruder. Repeater. Extender.

Postman

API chaining.

Nmap

Recon and service discovery.

Linux

Daily driver, always.

Recon workflows

Subdomain to shell.

WALL OF FAME · BRANDS WORKED WITH

NordProtect
NordProtect
Penligent AI
Penligent
Safeline WAF
Safeline
Kryptsec
Kryptsec
X-VPN
ShannonAI
RedSentry
RedSentry
Harness
Akto
Akto
Traceable AI
Sudarshana
Sudarshana
NordProtect
NordProtect
Penligent AI
Penligent
Safeline WAF
Safeline
Kryptsec
Kryptsec
X-VPN
ShannonAI
RedSentry
RedSentry
Harness
Akto
Akto
Traceable AI
Sudarshana
Sudarshana

Your next best piece of content probably shouldn't be written by a marketing intern.

Let's talk about what Medusa could build for your brand.

Book a discovery call
Email insha@medusa0xf.com