About
Avid cybersecurity enthusiast with a strong focus on bug bounty hunting and web app penetration testing.
Creative, out-of-the-box thinker that can leverage various domains of knowledge to create uniquely tailored tests and solutions for complex problems.
Curious by nature, intrigued by how things work, and have a passion to find weaknesses in their design and implementation.
Skills
Knowledge of:
- Windows
- Active Directory
- Python
- Docker
Experience with:
- Virtualbox
- Linux
- Bash scripting
- Bug hunting
- SQLi (SQL Injection)
- SSTi (Server Side Template Injection)
- CSRF (Client Side Request Forgery)
- SSRF (Server Side Request Forgery)
- Race Conditions
- Idor (Insecure Direct Object Reference)
- XSS (Cross Site Scripting)
- Subdomain Takeovers
- Logic Flaws
- Various tools
- Metasploit
- Sqlmap
- Burp Suite Pro
- nmap
- etc
- CTF (Capture The Flag) Strengths
- Steganography
- OSINT
- Web
- Cryptic ciphers
Training
- Completed
- Jr Penetration Tester Pathway
- CompTIA Pentest + Pathway
- Completed:
- Practical Ethical Hacker
- Open Source Intelligence Fundamentals
- Linux Privilege Escalation
- Beginners IOT and Hardware Hacking
- Python 101
- Current
- PNPT - Practical Network Penetration Tester (80% complete)
- Practical Malware Analysis & Triage (50% complete)
Portswigger Web Security Academy
Projects
- Bug Bounty / Recon boxes hosted through different cloud providers
- Malware Analysis home lab
- Flare VM (Windows)
- REMnux (Linux)
- Active Directory home lab
- Windows Server 2022
- Windows 10 (x2)
- Kali linux
- Hardware Hacking home lab
- Logic analyzer for reading UART signals
- ch341a EEPROM Programmer for extracting firmware from devices
- TP-Link WR841n Wireless Router used as target testing device
- Writing a few automation scripts
- Pam++
- Recon++
- KingMe
- More to come
- Discord Community
- This blog…
Certifications
PJPT - Practical Junior Penetration Tester (June 2024)