const experience = "Professional Journey"

Work Experience

YesWeHack & Private Programs • May 2023 – Present

I hunt for security bugs in real-world applications through platforms like YesWeHack. It's like being a digital detective - I look for vulnerabilities before the bad guys can exploit them.
So far, I've uncovered and reported 15+ security flaws ranging from simple XSS issues to more serious problems like broken access controls.
What really excites me is digging into application logic - finding those edge cases and race conditions that most automated scanners would miss.
I take pride in writing clear, actionable reports that help developers understand and fix the issues.

IDOR/BOLA vulnerabilitiesBroken Access ControlRemote Code ExecutionBusiness Logic FlawsXSS & CSRF

TryHackMe, Hack The Box, PicoCTF • Ongoing

I'm addicted to Capture The Flag challenges - they're like the gym for my cybersecurity skills.
With 100+ challenges under my belt, I've tackled everything from web exploitation to reverse engineering.
There's something magical about analyzing a PCAP file and uncovering hidden secrets.
When I solve interesting challenges, I often write walkthroughs to share what I learned.

WiresharkVolatilityCyberChefGhidraBurp Suite

Freelance & Personal Labs • Jan 2024 – Present

After completing SOC analyst training, I've been honing my threat hunting skills.
I've developed custom YARA and Sigma rules that help identify malicious patterns.
My malware analysis workflow has helped me dissect suspicious files more efficiently.

Splunk/ELK StackYARA/Sigma rulesWiresharkVolatility

Personal Projects • Mar 2023 – Present

PythonBash/PowerShellDjango/Node.jsReact

Independent Projects • Dec 2023 – Present

I created audit scripts that check systems against CIS benchmarks.
Generating reports in multiple formats means different teams can use the data how they need it.
The time savings have been significant - what used to take hours now takes minutes.

Bash/PowerShellCIS BenchmarksAuditd/Sysmon