$ whoami

Security Researcher & Bug Bounty Hunter

Independent offensive security work focused on web app, API, and network vulnerabilities. Responsible disclosure, detailed writeups, and clean reports — no fluff.

fr3ak@research:~$
$ nmap -sV -A target.example.com
→ 22/tcp open ssh OpenSSH 9.6
→ 443/tcp open https nginx 1.27.0
$ ffuf -u https://target/FUZZ -w wordlist.txt
→ /admin (Status: 401, Size: 1284)
$ curl -s https://target/api/v1/users/1
→ 200 OK // IDOR confirmed
$

Expertise

Areas of Focus

Where I spend most of my research time and where I tend to find the highest-impact bugs.

Web Application Security

XSS, CSRF, SQLi, SSRF, auth bypass, and business-logic flaws in modern web stacks.

View findings

API Security

REST and GraphQL pentesting — broken auth, mass assignment, IDOR, rate-limit and access-control gaps.

View findings

Network Security

External and internal infrastructure assessments, perimeter testing, and configuration review.

View findings

50+

Vulnerabilities Found

25+

Bug Bounties Awarded

100+

Security Assessments

10+

Hall of Fame Listings

$ ./engage --secure

Need a Security Assessment?

Penetration tests, code review, and continuous bug-bounty-style research with clear, actionable reports.

Get in Touch →