Security Consultant at Prescient Security with deep focus on Web, API, Mobile, and Thick Client penetration testing. Discovered and reported 500+ vulnerabilities across public and private programs. Ranked #1 on Qwilr's Security Hall of Fame. Active bug bounty hunter on HackerOne as bloody_eye.
Currently exploring how AI augments offensive security workflows — specifically AI-assisted recon, JS analysis for endpoint discovery, and intelligent payload generation for WAF bypass.
| Domain | Specialization | Level |
|---|---|---|
| Web Application Security | OWASP Top 10, Logic Flaws, Auth Bypass, IDOR |  |
| API Security | REST, GraphQL, SOAP — Auth, Rate Limit, Injection | |
| Mobile Pentesting | Android APK reverse engineering, Frida, SSL Pinning | |
| Thick Client Assessment | .NET, Java, traffic interception, binary analysis |  |
| Bug Bounty Hunting | HackerOne — 500+ validated vulns, #1 Qwilr HoF | |
| AI-Assisted Recon | JS analysis, endpoint discovery, payload generation |  |
| Certification | Issuer | |
|---|---|---|
01 |
Offensive Security Certified Professional — OSCP | Offensive Security |
02 |
Offensive Security Web Expert — OSWE | Offensive Security |
03 |
Burp Suite Certified Practitioner — BSCP | PortSwigger |
- #1 — Qwilr Security Hall of Fame
- 500+ — Validated vulnerabilities reported
- Active hunter on HackerOne · handle:
bloody_eye - Consultant at Prescient Security — Web · API · Mobile · Thick Client
Security Consultant · Penetration Tester · Bug Bounty Hunter