/.arsenal

What I Help Secure

Security services tailored for organizations that need real validation, not just checklist-based testing.

Web Application Pentesting

• Authentication, authorization, and session testing
• Business logic abuse and access control validation
• OWASP Top 10 and advanced attack-path testing
• Manual verification of exploitable impact

Mobile App Security

• Android and iOS security reviews
• API interaction and insecure data flow testing
• SSL pinning bypass and runtime analysis
• Client-side storage and token handling assessment

API & Web Service Testing

• Broken authentication and authorization flaws
• Parameter tampering and privilege escalation paths
• Input validation, injection, and logic issues
• Security validation for exposed service endpoints

Product Security Assessment

• Pentesting products before release or rollout
• Securing product features and exposed interfaces
• Finding vulnerabilities in customer-facing modules
• Helping teams reduce product attack surface

Infrastructure Security Testing

• Internal and external network assessments
• Router, wireless, and exposed service testing
• Weak configuration and remote access reviews
• Validation of hardening gaps and risky exposure

Developer-Focused Security Guidance

• Actionable remediation guidance after testing
• Issue prioritization based on exploitability
• Security support aligned with release cycles
• Helping teams build more secure products

/.disclosures

Recognized Findings, CVEs & Hall of Fame

A portfolio of real-world vulnerability discovery, responsible disclosure, product security research, and public recognition across global technology and enterprise platforms.

Hall of Fame Recognition

Recognized by leading organizations and multiple private programs for impactful security findings.

Microsoft

Nvidia

Huawei

Unbounce

Glassdoor

ZTE Corporation

Woodland

50+ Private Programs

CTF & Competitive Security

• Intigriti 1337UP CTF — earned Rank 91 among thousands of participants.
• Solved 13 challenges across Reversing, Miscellaneous, and Web categories.
• Reflects practical offensive problem-solving and hands-on depth.

Research & Blog Writing

• Bypassed Input Escaping for XSS | Discuss a situation to leverage browser functionality to bypass and exploit XSS. - READ ON MEDIUM
• Reconnaissance to Remote Code Execution | A RCE with the art of reconnaissance. (WAF Bypass) - READ ON MEDIUM
• Blind Command Injection Leads to Nothing | Analyzed a command injection for true negative. - READ ON MEDIUM
• Mastering Traffic Interception in Android Apps Built with Kotlinx Coroutines I/O (CIO) | Intercept traffic when CIO does not respect system proxies. - READ ON MEDIUM

/.vuln-log

Disclosed Vulnerabilities

Publicly recognized vulnerability research across enterprise products, security platforms, CMS ecosystems, payment systems, and operational technology-related environments.

CVE-2024-33472

SITA Airport Management System

Identified an HTTP request smuggling vulnerability that could allow a remote attacker to disrupt application behavior and potentially trigger denial-of-service conditions.

HTTP Request Smuggling

CVE-2024-27555

Intradyn Email Archiving & eDiscovery

Stored XSS vulnerability that could be leveraged for full account takeover through malicious script execution inside a trusted application context.

Stored XSS

CVE-2024-27556

Intradyn Email Archiving & eDiscovery

GET-based redirection issue that could send users to attacker-controlled destinations, increasing phishing and credential theft risk.

Open Redirect

CVE-2024-29321

Bitwarden Secrets Manager

Multi-step privilege escalation chain involving IDOR, rate-limit weakness, and OTP bypass, enabling unauthorized access expansion.

Privilege Escalation

CVE-2024-21261

Oracle Application Express

Stored XSS vulnerability that could execute malicious scripts in victim sessions and potentially lead to account compromise.

Stored XSS

CVE-2024-51219

Bitwarden Secrets Manager

Failure to restrict URL access allowed unauthorized access to uploaded sensitive files without authentication.

Access Control

CVE-2024-51218

UI-O-Matic

SQL injection vulnerability that could allow remote database extraction and compromise of application data confidentiality and integrity.

SQL Injection

CVE-2024-51220

Umbraco CMS

Arbitrary file upload vulnerability through crafted SVG-based payloads that could lead to XSS and eventual account compromise.

File Upload / XSS

CVE-2024-10761

Umbraco CMS

Stored XSS vulnerability that could be exploited to achieve full account takeover in trusted administrative contexts.

Stored XSS

CVE-2025-1806

Eastnets PaymentSafe

Improper authorization flaw enabling privilege escalation and unauthorized access to administrative functionality.

Authorization Bypass

CVE-2025-1337

Eastnets PaymentSafe

Cross-site scripting issue in the BIC Search component caused by unsafe handling of attacker-controlled input.

Cross-Site Scripting

CVE-2025-30709

Oracle JD Edwards

URL restriction bypass leading to unauthorized download of executable files and an increased risk of malicious file delivery.

Restriction Bypass

CVE-2025-40806

Siemens Product

Unauthenticated username enumeration issue allowing attackers to discover valid accounts and improve brute-force or social-engineering efforts.

Username Enumeration

CVE-2025-40807

Siemens Product

Account lockout bypass vulnerability enabling attackers to circumvent protection controls designed to slow repeated authentication attempts.

Lockout Bypass

./certs

Certifications & Technical Strength

A blend of certifications, tooling, frameworks, and hands-on experience across offensive security, application security, and enterprise testing.

OSCP — Offensive Security

CRTP — Altered Security

CEH (Master) — EC-Council

Testing Domains

• Web Applications
• Mobile Applications
• APIs & Web Services
• Thick Clients
• Infrastructure & Network Environments

Frameworks & Standards

• OWASP ASVS
• OWASP MSTG / MASVS
• MITRE ATT&CK
• NIST SP 800 Series
• SANS Top 25

Core Tools

• Burp Suite, Nessus, Nmap, Rustscan
• Metasploit, Hydra, Ffuf, Gobuster, SQLMap
• BloodHound, PowerSploit, PowerView, Mimikatz
• Frida, HTTP Toolkit, CrackMapExec, Nikto

/.ping

Find Me Online

Open to security consulting, penetration testing, product security engagements, and professional collaborations.

Medium LinkedIn X / Twitter Don’t Use It, Don’t Get Caught k@gmail.com

Let’s Work Together

Need a Product or Application Security Assessment?

Whether you need penetration testing for a product, a web application review, mobile app assessment, API testing, or practical remediation guidance, this portfolio reflects the kind of offensive security work built to protect modern systems.

Discuss Your Security Needs