security researcher

I find the bugs before the bad guys do.

Ethical hacker with 135 verified vulnerabilities across HackerOne and YesWeHack. Focused on critical attack surfaces — code injection, access control, XSS, and IDOR.

135
Reports
£40,000+
Bounties
6.4
Signal
22.2
Avg Impact

Severity

135 total
critical
37
high
32
medium
38
low
18

Expertise

Code Injection
SQL, OS command, and template injection across web applications and APIs.
Access Control
Broken authorization, privilege escalation, and authentication bypass flaws.
IDOR
Insecure direct object references exposing user data and admin functionality.
Info Disclosure
Leaked credentials, debug endpoints, and sensitive data in responses.
XSS
Stored, reflected, and DOM-based cross-site scripting in complex applications.

Platforms

HackerOne ->
Reports 63
Signal Score 6.4 / 7.0
Impact Average 22.1
HackerOne Clear Verified
YesWeHack ->
Reports 72
Impact 22.2
Rank #178
Points 1430

Get in touch

Looking for someone to audit your attack surface? I find critical vulnerabilities before they become incidents.

Contact me HackerOne YesWeHack