> whoami - 0xAlmighty

Hello world,

Welcome to my professional space. I am Simon, a security researcher and penetration tester at Vumetric CyberSecurity. My focuses are Mobile App Security (iOS/Android) and Web Applications.

Hacking and uncovering security flaws isn’t just what I do—it’s what I love. The process of finding vulnerabilities inspires me to keep learning, share what I know, and solve tough security challenges to help make the internet a safer place.

If you’re interested in collaborating or just want to chat about cybersecurity, feel free to reach out.

Happy hacking :)

Research

CVE-2024-3251 - Time-Based Blind SQL Injection in CLMS v1.0

Personal Projects/Tools

Lazy Payloads - Copy common payloads to clipboard directly from browser.
Deeeeper - Tools to find Activities and Deep Links in APK - Written in Go
FireCracker - Find Firebase instance in APK and exploit if Read/Write is possible - Written in Go
iOSDumper - Dump key information from .ipa and search for applinks - Written in Go
HeaderGrabber - Analyzes HTTP requests in real-time, highlighting headers, cookies, and POST data - Written in Go
MalCheck - Take list of Windows API calls and flag dangerous calls - Written in Go

Education & Certifications

Offensive Security Web Expert (OSWE)
Zero Day Engineering - Masterclass: Hacking open source fuzzers for smarter bughunting by Alisa Esage
MHL - Certified Android Penetration Tester (CAPT)
Portswigger – Burp Suite Certified Practitioner (BSCP)
Offensive Security Certified Professional (OSCP)
SANS - Blockchain Security Summit 2022 Presented by Halborn

CTF

Hack The Box - Synacktiv Fortress
Hack The Box - Dante Pro Lab
Praetorian Tech Challenges - Crypto
Praetorian Tech Challenges - Mastermind
Halborn CTF - Solana Farm CTF
NahamCon CTF 2021
MetaCFT 2022

Contact

Please don’t hesitate to contact me securely using my PGP key.

Digital Ocean

I run my recon on a Digital Ocean droplet. If you’re interested in a $200 credit, feel free to use my referral link: