I am a passionate Offensive Security Engineer from afine, committed to finding πΎ bugs and developing π€ software that enhances our work in security. My main areas of interest are π macOS internals and πΈοΈ web application security. I also have experience in π Active Directory and creating π¦ malware to bypass π‘οΈ EDRs.
I created some tools helpful for Offensive Security work, but there are two that I am the most proud of, they are:
- Crimson - this was my first big thing. Currently, I am not focusing on this tool. However, it is still powerful. My friends and I are using it to this day. This is also a great place to start your journey with Application Security.
- Snake&Apple - The code repository for the Snake&Apple article series documents my macOS security research.
As my daily work and some part of my free time research, I am looking for bugs π. I have caught many of them so far, and some have even received a public CVE. I am particularly proud of these two:
- CVE-2023-35359 - Windows Kernel Elevation of Privilege Vulnerability
- Hummingbird < 3.4.2 - Unauthenticated Path Traversal
In my free time, I also run a blog about - guess what π
I have participated in multiple CTFs, completed various courses, and obtained certifications through various platforms. Below are links that demonstrate some of these small accomplishments:
- Certs - OSCEΒ³, eWPTxv2, OSCP, OST2-Arch1001
- Pentesterlab - various web hacking courses & CTFs.
- RPISEC/MBE - Modern Binary Exploitation - CSCI 4968
- HTB - CTFs & Pro Labs
- CS50 - Harvard University - Introduction to Computer Science
You can reach me here:
If you enjoy my work and want to help me grow, you can sponsor me using any of the below options:
βBy subscribing to my Patreon, you will receive access to all of my published articles.
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent