OSCP+. Penetration tester at [your role / company / freelance].

Specializing in mobile application security — Android primarily, with a focus on hybrid WebView attacks, JavaScript bridge analysis, and chain-of-low-severity exploits. Active on YesWeHack, HackerOne, and Bugcrowd.

This blog is where I write up the bugs I find, the techniques I use, and occasionally what I think about while finding them.

Reach out via LinkedIn