Head of Research at afine, specializing in π macOS security. Passionate about π οΈ Vulnerability Research, π― Exploit Development, and π Reverse Engineering. My work focuses on macOS internals and advancing research in offensive security.
While research is my primary focus, I also work as an Offensive Security Engineer, identifying πΎ security flaws and developing π€ tools to enhance security operations. This includes π₯οΈ Desktop Application Security, πΈοΈ Web Application Security, π Active Directory, and creating π¦ malware to bypass π‘οΈ EDRs.
I created some tools helpful for Offensive Security work, but there are two that I am the proudest of, they are:
- Snake&Apple - The code repository for the Snake&Apple article series documents my macOS security research.
- Crimson - this was my first big thing. Currently, I am not focusing on this tool. However, it is still powerful. My friends and I are using it to this day. This is also a great place to start your journey with Application Security.
As my daily work and some part of my free time research, I am looking for bugs π. I have caught many of them so far, and some have even received a public CVE. I am particularly proud of these two:
- CVE-2023-35359 - Windows Kernel Elevation of Privilege Vulnerability
- Hummingbird < 3.4.2 - Unauthenticated Path Traversal
In my free time, I also run a blog. Recently, I decided to post Proof of Concepts as short recordings on my YouTube channel. You can subscribe to me using the banners below to receive notifications of the latest blogs or videos.
I have participated in multiple CTFs, completed various courses, and obtained certifications through various platforms. Below are links that demonstrate some of these small accomplishments:
- Certs - OSCEΒ³, eWPTxv2, OSCP, various OpenSecurityTraining2 certs
- Pentesterlab - various web hacking courses & CTFs.
- RPISEC/MBE - Modern Binary Exploitation - CSCI 4968
- HTB - CTFs & Pro Labs
- CS50 - Harvard University - Introduction to Computer Science
You can reach me on any of the platforms below. I also share new articles there, so you can stay up-to-date by following me.
If you enjoy my work and want to help me grow, you can sponsor me using any of the below options:
βBy subscribing to my Patreon, you will receive access to all of my published articles.