██████╗ ███████╗██╗   ██╗██████╗ ██╗      ██████╗  ██████╗██╗  ██╗   ██████╗ ███████╗██╗   ██╗
██╔══██╗██╔════╝██║   ██║██╔══██╗██║     ██╔═══██╗██╔════╝██║ ██╔╝   ██╔══██╗██╔════╝██║   ██║
██████╔╝█████╗  ██║   ██║██████╔╝██║     ██║   ██║██║     █████╔╝    ██║  ██║█████╗  ██║   ██║
██╔══██╗██╔══╝  ╚██╗ ██╔╝██╔══██╗██║     ██║   ██║██║     ██╔═██╗    ██║  ██║██╔══╝  ╚██╗ ██╔╝
██║  ██║███████╗ ╚████╔╝ ██████╔╝███████╗╚██████╔╝╚██████╗██║  ██╗██╗██████╔╝███████╗ ╚████╔╝ 
╚═╝  ╚═╝╚══════╝  ╚═══╝  ╚═════╝ ╚══════╝ ╚═════╝  ╚═════╝╚═╝  ╚═╝╚═╝╚═════╝ ╚══════╝  ╚═══╝

Security researcher, bug bounty hunter, and occasional speaker.

I break things for a living—ethically. Here you'll find vulnerability disclosures, security research, and conference talks.

bugs
0
disclosed
research
1
articles
talks
0
presented

$ recent
research Exploiting misconfigured Google Cloud Service Accounts from GitHub Actions