Recent Posts

XXE Case Studies

4 minute read

As it has been some time since my last blog post, I decided I would set aside some time to write one now. The topic of this blog post is inspired by a bug I ...

OSEP & PEN-300 Course Review

8 minute read

I am proud to have completed Offensive Security’s Evasion Techniques and Breaching Defenses (PEN-300) course. After successfully passing the 48-hour exam, I ...

Bug Hunting Thoughts & Statistics

2 minute read

Today marks a huge personal milestone in my bug bounty hunting career. I have achieved an all-time ranking of top 100 on Bugcrowd. This accomplishment comes ...

CVE-2020-6637

2 minute read

OpenSIS v7.3 is vulnerable to unauthenticated SQL injection via the ‘username’ field, this allows for remote database compromise as well as authentication by...

100 Days of Bug Hunting

4 minute read

On April 1st 2019, I decided to try my hand at bug bounty hunting. What started initially as a short experiment quickly evolved into a daily obsession and a ...