Cybersecurity professional with over 10 years of experience across IT engineering, vulnerability management, threat intelligence, threat detection and incident response.
In my free time, I hunt for software vulnerabilities and participate in bug bounty programs.
I was a GrrCON 2025 main stage speaker, presenting on how I discovered my first CVE.
- CVE-2025-29471 – Authenticated Stored XSS + Privilege Escalation in Nagios Log Server 💥 PoC Code | ▶️ PoC Demo | 📰 Featured
- CVE-2025-44824 – Incorrect Authorization in Nagios Log Server 💥 PoC Code | ▶️ PoC Demo | 📰 Featured
- CVE-2025-44823 – Authenticated API Key Exposure in Nagios Log Server 💥 PoC Code | ▶️ PoC Demo | 📰 Featured
- CVE-2025-53392 – Authenticated Arbitrary File Read in pfSense 2.8.0 via Diagnostics Web Interface 💥 PoC Code
- CVE-2025-54138 – Authenticated Remote File Inclusion in LibreNMS 25.6.0 via ajax_form.php 💥 PoC Code
- Application Security – Discovered over a dozen vulnerabilities in Elastic software. Ranked #20 on the Elastic all-time leaderboard on HackerOne. Ranked #1 on the 2026 Elastic leaderboard.
- API Security – Found a vulnerability in a production API that allows for the enumeration of over 300 active insurance policies.
- Sensitive Information Disclosure – Located sensitive data exposed via public S3 buckets.