Offensive Security Researcher · Red Teamer · Binary/RE · Kernel & Exploit Dev · Smart-Contract Auditor · Bug Bounty Hunter
From kernel UAFs to DeFi exploits — I break it, then I prove it.
I'm an offensive security researcher operating across the entire stack — from the metal to the mempool. I don't specialize in a single surface: one week it's a use-after-free in a Linux kernel subsystem, the next it's an IDOR chain in a fintech API or a share-inflation bug in a DeFi vault. I treat every target the same way: understand it deeply, find where trust breaks, then write the exploit that proves it.
No theoretical findings. No hand-waving. If I report it, there's a working Proof-of-Concept behind it.
| Domain | What it looks like |
|---|---|
| 🏴☠️ Red Team & Offensive Ops | Full kill chain: recon → initial access → privilege escalation → RCE → root → post-exploitation & defacing |
| 🔬 Binary Analysis & Reverse Engineering | Native daemons, firmware images, desktop & mobile binaries, embedded keys, protocol RE |
| 🧨 Kernel & Exploit Development | Memory corruption (UAF, OOB), local privilege escalation, n-day weaponization & original research |
| 🌐 Web / API / Mobile / Infra Pentesting | Auth bypass, IDOR, SSRF, NoSQL injection, session attacks, server & infrastructure compromise |
| ⛓️ Smart-Contract Auditing | Solidity / EVM — ERC-4626 vaults, LayerZero/OFT bridges, oracles, staking & withdrawal queues |
| 🐛 Bug Bounty Hunting | End-to-end: recon, asset discovery, vulnerability research and a reproducible exploit |
Languages
Reverse engineering & exploitation
Web / chain / infra
Public bug bounty programs, private red-team engagements, audit contests and CTFs — spanning web, mobile, IoT, firmware, kernel and on-chain. DeFi, bridges, exchanges, fintech… and the occasional kernel rabbit hole.
“If it holds value or runs code, it has an attack surface.”