How I Prevented a Data Breach by Reporting an IDOR in a System Exposing over 500,000 US Passports
If we haven’t connected on LinkedIn yet, go ahead and send a request!
Aug 14, 2024

Securing Data: How I Quickly Accessed 3000 Student Records in under 5 Minutes
Hi everyone!
Oct 23, 2023

Guide to Identifying and Exploiting TOCTOU Race Conditions in Web Applications
Before diving in, if you haven’t checked out my last article on how I hacked ServiceNow’s AI Agent and dumped 128K records — give it a…
Apr 4

Full Customer DB dump in Service Now and they called it “Medium Risk” — what a joke
If you haven’t connected with me on LinkedIn send me a request!
Feb 26

Exploiting CSRF in GraphQL Applications
If you haven’t sent me a LinkedIn request yet, send me a request I would love to work with you and do a collab! I will start writing…
Feb 7

Critical Information Disclosure Vulnerability via CNAME (AUTOMATED SCAN)
Hi there,
Oct 3, 2024

Open S3 Buckets Through Reconnaissance
In my latest post, I shared my favorite 20 Google Dorks, check it out!!
Aug 14, 2024

20 Essential Google Dorking Queries to find vulnerable targets
If we haven’t connected on LinkedIn, go ahead and send me a request, I’d love to connect — My LinkedIn
Aug 9, 2024

Research | The use of AI in Offensive Security | Annotated Bibliography
I am working on a research paper on the use of AI in Offensive Security for a school project.
Mar 29, 2024