- π Masters in Digital Forensics and Information Security at National Forensic Sciences University
- Areas: Web Application Security, Red Teaming, API Hacking, System Administration
- I sometimes hunt bugs on bounty platforms, report them nicely, and write poetry about them (in Python)
- I love contributing to the open source community.
Tools/Skills:
| CVE ID | Product / Vendor | Vulnerability Type | Year | Severity | Link |
|---|---|---|---|---|---|
| CVE-2025-31117 | OpenEMR | Blind SSRF | 2025 | High | NVD |
| CVE-2025-XXXX | Strapi | XX | 2025 | Critical | Pending Disclosure |
| Program / Target | Platform | Vulnerability Type | Severity | Status |
|---|---|---|---|---|
| NASA | Bugcrowd | API Exposure (x3) | P3 (x3) | Resolved |
| NASA | Bugcrowd | SSRF (DNS-only) | P5 | Resolved |
| NASA | Bugcrowd | Reflected XSS (Self) | P5 | Resolved |
π Some reports marked P5 couldnβt be escalated further. All submitted with responsible disclosure intent.
- RedHat Certified System Administrator (RHCSA) β RedHat
- Fortinet Certified Network Security Expert Level 1 & 2 β Fortinet
- Certified AppSec Practitioner (CAP) β TheSecOpsGroup
- Jr. Penetration Tester β [TryHackMe]
- Practical API Hacking β [TCM]
- Practical Bug Bounty β [TCM]
- Practical Ethical Hacking β [TCM]
Always learning, always breaking
π LinkedIn: @ghostvirus
π Medium: @ghostvirus
π§ Email for engagements: [email protected]
once he was a human.