ASSUME NOTHING.
TRUST NO INPUT.
LOG EVERYTHING.
I make bugs regret existing.
BLOG & INSIGHTS
When WebView Bites Back: The Bug That Let JavaScript Run Wild
Discovering how improper WebView implementations in Android applications can lead to arbitrary JavaScript execution and potential security risks.
How a News App Leaked OAuth Codes: A Real-World Interception Story
Discovering a critical vulnerability in an Android news application that allowed malicious apps to intercept OAuth authorization codes.
SQLi Finding and Exploitation
A detailed walkthrough of discovering and exploiting a SQL injection vulnerability that led to a significant bug bounty reward.
Unlimited Mint: The Chair Function That Could Break a Stablecoin
Analysis of a critical vulnerability in a federated token contract that allowed unlimited minting of the underlying token.
Good vs. Bad: Are We Seeing Truth or Just Our Own Biases?
Exploring the timeless philosophical debate on whether morality is objective, subjective, or something in between.
HAVE A MISSION?
Whether it's a security audit, a bug bounty inquiry, or just a technical deep dive, my secure lines are always open.