AVAILABLE FOR ENGAGEMENTS

YOUR NAME
Security
Researcher

Offensive Security  ·  Penetration Testing  ·  Vulnerability Research

I find the holes before the adversaries do. Specializing in web application security, network penetration testing, and exploit development with a decade of experience breaking things responsibly.

View My Work Get In Touch
47+
CVEs Reported
200+
CTF Challenges
$85k+
Bug Bounties
bash — recon.sh
root@kali:~# nmap -sV -sC target.local Starting Nmap 7.94 ( https://nmap.org ) PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 8.9 80/tcp open http Apache 2.4.51 443/tcp open ssl/https [VULN: CVE-2024-XXXX] 3306/tcp open mysql MySQL 8.0.32
root@kali:~# sqlmap -u "https://target.local/api?id=1" [ + ] Parameter 'id' is injectable [ + ] Back-end DBMS: MySQL ≥ 5.6 [ ! ] Dumping database: 3 tables found
root@kali:~#
About Me

Offensive Mindset,
Defensive Purpose

I'm a security researcher and penetration tester with a passion for understanding how systems break. My work spans web application security, binary exploitation, and cloud infrastructure assessments.

I've worked with Fortune 500 companies, startups, and government entities to identify and remediate critical vulnerabilities before malicious actors can exploit them.

When I'm not breaking things professionally, I'm competing in CTF competitions, contributing to open-source security tooling, and writing detailed exploit research.

Red Teaming OSCP Web AppSec Binary Exploitation Reverse Engineering Cloud Security Threat Modeling
LOCATIONSan Francisco, CA
EXPERIENCE10+ Years
FOCUSOffensive Security
CLEARANCESecret (US)
LANGUAGESPython · Rust · C · Go
STATUS● Available — Q1 2025
RESUME ↓ Download PDF
Technical Skills

Capabilities

A breakdown of the tools and techniques I work with daily across offensive and defensive security disciplines.

Web Application Security
SQL Injection95%
XSS / CSRF90%
SSRF / IDOR88%
OAuth / JWT Attacks85%
Network & Infrastructure
Network Pivoting92%
Active Directory90%
Protocol Analysis82%
Wireless Attacks78%
Exploit Development
Buffer Overflows88%
ROP Chains80%
Reverse Engineering85%
Malware Analysis75%
Tools & Platforms
Burp Suite Pro97%
Metasploit92%
IDA Pro / Ghidra82%
BloodHound / Impacket88%
Research & Projects

Notable Work

Original vulnerability research, open-source tools, and client engagements I'm cleared to disclose.

CVE-2024-XXXXX — CRITICAL 9.8
Unauthenticated RCE in Popular CMS Plugin

Discovered a critical pre-auth remote code execution vulnerability affecting 2M+ WordPress installations. Full exploit chain via deserialization gadget in the plugin's REST API endpoint.

PHP Deserialization WordPress RCE
Full Write-up PoC Code NVD Entry
Open Source Tool
k8s-reaper — Kubernetes Attack Surface Mapper

A fast, parallel Kubernetes attack surface enumeration tool that identifies misconfigurations, exposed secrets, privileged pods, and lateral movement paths across clusters.

Go Kubernetes RBAC Cloud Security
GitHub Documentation
Research Paper
Breaking OAuth 2.0 in Enterprise SaaS

Systematic analysis of OAuth 2.0 implementation flaws across 50 enterprise SaaS products, resulting in 12 disclosed vulnerabilities and $42,000 in bug bounty rewards.

OAuth 2.0 OIDC JWT SaaS
Read Paper Slides
CVE-2023-XXXXX — HIGH 8.1
AWS IAM Privilege Escalation via Service Role Abuse

Novel technique for escalating AWS IAM privileges by chaining service role misconfigurations in managed policies. Affects multi-account setups with specific trust relationships.

AWS IAM Cloud PrivEsc
Write-up GitHub
CTF & Competition

CTF Writeups

Selected challenge solutions from Hack The Box, TryHackMe, and competitive CTF events. Full writeups on my blog.

Challenge Platform Category Difficulty Points Write-up
Cerberus Hack The Box Linux / AD Hard 40 Read
Office Hack The Box Windows / AD Hard 40 Read
Heap Overflow 101 picoCTF 2024 Binary Exploit Medium 300 Read
JWT Juggling DEFCON CTF Quals Web Insane 500 Read
Forgotten Flags TryHackMe OSINT Easy 100 Read
Rust Lockbox CSAW CTF Reverse Eng. Medium 250 Read
Certifications

Credentials

Industry certifications validating offensive and defensive security expertise.

2023 🔴
OSCP
Offensive Security
2023
CRTO
Zero-Point Security
2022 🔵
PNPT
TCM Security
2022 🟠
CEH Master
EC-Council
2021 ☁️
AWS Security
Amazon Web Services
2020 🟢
eJPT
eLearnSecurity
Contact

Get In Touch

I'm available for penetration testing engagements, red team exercises, vulnerability research partnerships, and speaking opportunities. All inquiries are treated with confidentiality.

EMAIL you@example.com GITHUB github.com/yourusername LINKEDIN linkedin.com/in/yourprofile TWITTER @yourhandle HACKERONE hackerone.com/yourprofile