I'm an Application Security Researcher with 5+ years of independent experience discovering and responsibly disclosing vulnerabilities through bug bounty and private vulnerability disclosure programs.
My primary interests include:
- Web Application Penetration Testing
- Broken Access Control
- GraphQL Security
- Business Logic Testing
- Security Automation
Over the years, I've reported 74+ valid vulnerabilities across public and private programs, earning Bugcrowd MVP recognition twice and multiple Hall of Fame acknowledgements.
- Python
- Bash
- Burp Suite
- GraphQL
- Linux
Recover GraphQL schemas from introspection-disabled endpoints using alternative discovery techniques.
Automates DNS resolution, port scanning, HTTP fingerprinting, and HTML report generation.
Combines passive discovery, DNS bruteforcing, and alternate hostname generation into a unified enumeration workflow.
Generates GraphQL queries from recovered schemas to accelerate manual application security testing.
Dictionary-based HMAC-SHA256 key recovery utility designed for long messages unsupported by Hashcat.
Educational JavaScript port of the Firefox CVE-2016-9079 exploit created during OSCP preparation.
- OSCP (Offensive Security Certified Professional)
- 74+ Valid Vulnerability Reports
- Bugcrowd MVP (2×)
- Hall of Fame Recognition from multiple organizations
- Volunteer Supervisor at Make A Difference
Always open to discussing application security, security tooling, GraphQL, and vulnerability research.