Hello world,
Welcome to my professional space. I am Simon, a dedicated security researcher, currently serving as a penetration tester at Vumetric CyberSecurity. My expertise lies in Mobile Application security (iOS/Android), Web applications, Malware analysis and exploit development.
I am deeply committed to enhancing internet security through continuous learning and applying my skills to identify and mitigate potential threats. My goal is to contribute to a safer digital environment by sharing insights on cybersecurity (Mobile & Web) and Malware Analysis.
For collaboration or to learn more about my work in cybersecurity, please feel free to reach out. I look forward to connecting and discussing how we can secure the digital world together.
Happy hacking :)
Research
- CVE-2024-3251 - Time-Based Blind SQL Injection in CLMS v1.0
Personal Projects/Tools
- Lazy Payloads - Copy common payloads to clipboard directly from browser.
- Deeeeper - Tools to find Activities and Deep Links in APK - Written in Go
- FireCracker - Find Firebase instance in APK and exploit if Read/Write is possible - Written in Go
- iOSDumper - Dump key information from .ipa and search for applinks - Written in Go
- HeaderGrabber - Analyzes HTTP requests in real-time, highlighting headers, cookies, and POST data - Written in Go
- MalCheck - Take list of Windows API calls and flag dangerous calls - Written in Go
Education & Certifications
- Offensive Security Web Expert (OSWE)
- Zero Day Engineering - Masterclass: Hacking open source fuzzers for smarter bughunting by Alisa Esage
- MHL - Certified Android Penetration Tester (CAPT)
- Portswigger – Burp Suite Certified Practitioner (BSCP)
- Offensive Security Certified Professional (OSCP)
- SANS - Blockchain Security Summit 2022 Presented by Halborn
CTF
- Hack The Box - Synacktiv Fortress
- Hack The Box - Dante Pro Lab
- Praetorian Tech Challenges - Crypto
- Praetorian Tech Challenges - Mastermind
- Halborn CTF - Solana Farm CTF
- NahamCon CTF 2021
- MetaCFT 2022
Contact
Please don’t hesitate to contact me securely using my PGP key.
-----BEGIN PGP PUBLIC KEY BLOCK-----
xjMEYa0XahYJKwYBBAHaRw8BAQdAaLmubE7B0Xb3IgEZ5FtilzWZBzX5u2Qt
JM+gtjynH3TNJWFsbWlnaHR5c2VjQHBtLm1lIDxhbG1pZ2h0eXNlY0BwbS5t
ZT7CjwQQFgoAIAUCYa0XagYLCQcIAwIEFQgKAgQWAgEAAhkBAhsDAh4BACEJ
EIF23/0vurUzFiEELbeo/KRxTeoC53DtgXbf/S+6tTMMZQEA39gvDPtT2VZE
nQUEAw/sDldV8tLDwWzSobL8FTfa8WIBANTG7L6K67Obxxo5ImzY4rsiUAwQ
898bOCkk4gACHG4PzjgEYa0XahIKKwYBBAGXVQEFAQEHQNjcRNElR49N6UkY
iCehsz7c2iQ5PqXo5Kz4NDFDJdFKAwEIB8J4BBgWCAAJBQJhrRdqAhsMACEJ
EIF23/0vurUzFiEELbeo/KRxTeoC53DtgXbf/S+6tTO1igEAj8D0czHf68JL
qfkSR7/XLlnuTQJXCC8I+D99M/mvzu0A/ROqJx7KrufO8aooQlphpRU9sCXa
5YmbIfPGaWYdGmkP
=ZBYL
-----END PGP PUBLIC KEY BLOCK-----
Digital Ocean
I run my recon on a Digital Ocean droplet. If you’re interested in a $200 credit, feel free to use my referral link:
