WEB/API SECURITY MOBILE SECURITY APPSEC PRODUCT SECURITY BURP SUITE FRIDA OSCP SECURITY AUTOMATION LABS REPORTING WORKFLOWS
Focus
What I work on
Security disciplines and workflows I spend most of my time on.
Web/API Pentesting
Mobile Application Security
Application Security
Product Security
Security Automation
AI-assisted Security Workflows
Selected work
Featured work
A mix of public projects and sanitized case studies. Public projects link to repositories when available; case studies share only high-level, non-confidential details.
Public project In progress
evidence-sanitizer
Local-first CLI for sanitizing authorized pentest evidence before reports, tickets, notes, PoCs, or internal sharing.
Methodology-first writeups and short technical notes.
Lab notebook
Notes and writeups are reviewed before publication. Drafts stay private until sanitized.
When published, they will appear here as methodology-first reflections and practical workflow notes.
I'm open to conversations about application security, offensive security, mobile security, security automation, CTFs and labs, and open-source security tooling.