Iβm a web security specialist with a deep focus on offensive security, application-layer vulnerabilities, and real-world exploitation. My work revolves around understanding how modern web applications break β and helping teams build them back stronger.
From dissecting authentication flows to chaining obscure bugs into critical impact, I approach every target with a mix of curiosity, precision, and adversarial thinking. Whether itβs a single-page app with complex client-side logic or a sprawling microservices architecture, I enjoy peeling back the layers to find what others miss.
| Domain | Expertise |
|---|---|
| π Recon & Enumeration | Subdomain takeover, JS scraping, parameter mining, passive OSINT |
| 𧨠Exploitation | Advanced XSS (DOM, CSP bypass), SQLi to RCE, SSRF chaining, prototype pollution |
| π Authentication | JWT tampering, OAuth misconfig, SSO bypass, 2FA weaknesses |
| 𧱠Access Control | IDOR, privilege escalation, broken object-level auth |
| 𧬠Logic Flaws | Business logic abuse, race conditions, workflow manipulation |
| π§° Tooling | Burp Suite Pro, ffuf, Interactsh, nuclei, custom Python/Bash scripts |
| π Methodologies | OWASP Top 10, Bug Bounty playbooks, PTES, MITRE ATT&CK (Web TTPs) |
- Perform black-box and gray-box web application penetration tests
- Hunt for vulnerabilities in production systems via bug bounty platforms
- Build custom tools and payloads for fuzzing, bypassing, and chaining exploits
- Analyze real-world breaches and write technical breakdowns
- Collaborate with dev teams to triage and remediate critical issues
- Stay ahead of the curve with bleeding-edge research and exploit development
- CSP bypass techniques and browser quirks
- SSRF β cloud metadata exfiltration (AWS, GCP, Azure)
- Deserialization and template injection in modern frameworks
- Web3 and smart contract attack surfaces
- Supply chain attacks in frontend ecosystems (npm, CDN, etc.)
- AI-assisted fuzzing and anomaly detection in web traffic
- π οΈ ReconCraft β Custom passive recon tool for JS scraping and endpoint extraction
- π§ͺ XSS Lab β Curated collection of real-world XSS vectors and CSP bypasses
- π BugWrite β Markdown-based reporting templates for clear, actionable vulnerability writeups
- π AuthZ-Checklist β A practical checklist for testing authorization logic in modern web apps
βSecurity isnβt about paranoia β itβs about precision. I donβt just break things. I model how they fail.β
I believe the best security work comes from empathy: understanding how developers think, how users behave, and how attackers exploit the space in between.
- π§ Email: [email protected]
- π Bug Bounty: HackerOne / Bugcrowd / Intigriti (DM for profile)
- 𧡠Twitter/X: [@yourhandle]
- π Blog: [yourblog.dev] β writeups, tools, and research