“I was a terror, since the public school era” 👨💻📱☁️🕸️🐞👺If you're trying to pitch your software or services to the company I work for, please don't. I have zero say in those decisions.I'm not your typical appsec dude. I didn't get into Infosec for the money. I've been in this game long before it was a career path, and I'd keep doing it even if the industry disappeared tomorrow. It's my passion and I am always grinding to better myself. I always think outside of the box and enjoy solving problems in creative and unconventional ways. I'm not malicious but I believe I am much closer a real hacker than many pentesters are as I don't rely on checklists and I will try to find new issues and misconfigurations by going the extra mile. Whether it's reading through documentation or standing up the product locally as a docker image or VM so I can perform in-depth analysis. Scopes? Personally, I think they're a joke. Real attackers don't care if something's a legacy system or if you've accepted the risk. If you want to just tick a box sure get a pentest but if you you want to actually find issues in your organisation this is not the way to go. I’ve got a lot of experience manually reviewing source code for vulnerabilities in Go, JavaScript/Typescript, Erlang, .NET, and PHP. I'm also skilled in manual testing web and mobile applications using BurpSuite and Frida.Building exploits from scratch? Yeah, I do that too. Custom shellcode to bypass restrictions? reverse engineering with Ghidra and IDA Pro? you name it.I'm not a Nessus Monkey! I love manually hunting down vulnerabilities in network applications. I am well-versed in the use of security tools in Kali and BlackArch Linux platforms.I've also built automated tools using Python, Go, and .NET.Give me something to hack – whether it’s a network, a web app, a mobile app, binary app, hardware device, whatever – and I'll be laser-focused on getting it done.