Iβm John Michael Dacara, a anspiring Web Application Penetration Tester.
I'm currently pursuing a BS in Computer Science at the Polytechnic University of the Philippines.
I specialize in identifying and exploiting web vulnerabilities to help organizations strengthen their security posture.
- π Currently focusing on bug bounty hunting and CTF challenges
- π± Learning advanced web exploitation & red team techniques
- π οΈ Passionate about offensive security and web application testing
- β‘ Fun fact: I break things to make them stronger
- π Life verse: "Fixing our eyes on Jesus, the pioneer and perfecter of faith. For the joy set before Him He endured the crosss, scorning its shame, and sat down at the right hand of the throne of God" β Hebrews 12:2
- π‘οΈ Pentest quote: "The only way to stop them is to think like them." β Google
- Web Vulnerabilities: SQLi, XSS, CSRF, SSRF, IDOR, RCE, HTTP Request Smuggling, API Testing
- Tools: Burp Suite, Nmap, Metasploit, sqlmap, Hydra
- Scripting: Python, Bash
- Platforms: HackerOne, HackTheBox, TryHackMe
- TryHackMe: Hacker the Rank
- π― Reported vulnerabilities in private bug bounty programs
- π Ranked in the Top % on TryHackMe
- π Completed multiple HackTheBox challenges
- π₯ CTF Competitions:
- Kaspersky CTF β π Top 1 Philippines, Top 7 Asia
- Micro Trend CTF β 90th / 199 (Philippines)
- Nullcon HackIM CTF Berlin 2025 β 66th / 1103 teams globally
- ASIS CTF 2025 β 39th / 368 teams, Rank 1 Philippines
- π Progress in PortSwigger Academy β 41% complete
