Application Security Engineer with hands-on experience in web application security, vulnerability management, and security research. I work on identifying and validating security vulnerabilities in real-world production environments, combining manual testing with automation to improve vulnerability discovery and remediation processes.
I actively research web application vulnerabilities and contribute to responsible disclosure.
Published CVEs
- CVE-2025-10720 — Authentication Bypass in WordPress plugin
- CVE-2025-62950 — CSRF vulnerability in WordPress plugin
Related resources:
- https://wpscan.com/vulnerability/5295e8da-7aba-4322-981b-80d692b3bc35/
- https://wpscan.com/vulnerability/09aad613-162c-41f3-bf91-80fe733771f9/
Security
- Web Application Penetration Testing
- OWASP Top 10
- Vulnerability Management
- CVSS & CWE Analysis
Security Tools
- Burp Suite
- Nmap
- Metasploit
- SQLMap
- Nessus
- Qualys
Programming
- Python
- Go
- Bash
- Java
- C
Platforms
- Linux
- Docker
- Git