I focus on finding, validating, and communicating security issues across web applications, APIs, Android apps, and infrastructure-facing tooling. My work combines secure development, vulnerability research, CTF practice, bug bounty methodology, and clear technical reporting.
|
Application Security
Web App Testing API Security Testing Authentication & Access Control IDOR, Logic Flaws & Payment Flow Review Vulnerability Validation & PoC Writing |
Offensive Security
Reconnaissance Directory Bruteforcing Endpoint Fuzzing CTF Challenge Solving Bug Bounty Reporting |
Security Engineering
Python Security Automation Packet Analysis Android App Assessment APK/API Investigation Security Documentation |
|
Languages
Python JavaScript TypeScript PHP Kotlin HTML/CSS |
Frameworks & Platforms
Flask Node.js React Tailwind CSS Firebase Android Studio |
Libraries & Utilities
Requests Scapy CustomTkinter Playwright Three.js Git & GitHub |
| Recon Map assets, endpoints, exposed surfaces, and trust boundaries. |
Test Validate authentication, authorization, input handling, and business logic. |
Report Write practical PoCs, impact summaries, and remediation-focused findings. |
| AppSec Web, API, Android |
Research CTFs, CVEs, bug bounty |
Automation Python tooling and scanners |
Reporting PoCs, impact, remediation |
