I have been working in the IT industry for over ten years, including several years working professionally as a programmer in languages as diverse as Java, PHP, Python and C++. I have developed many software solutions from the ground up such as the open source tool droopescan.

During my years as a security consultant, I have conducted penetration tests for a large number of clients including private companies and government clients. Types of testing I have performed professionally include web application hacking, iOS and Android application review, source code reviews, thick client reviews, external and internal network security reviews, API testing and software architecture reviews. I have also been in charge of leading and mentoring a team of junior penetration testers, and have been regularly praised for consistently providing clients with high quality findings and high quality reports.

These high standards I set for myself continued during my transition to full-time bug bounty hunting, where the high quality bugs I found resulted in a 94th percentile of signal and 99th percentile of impact. Even though I have dedicated my time to hacking products widely regarded as secure, I nevertheless found many high or critical security vulnerabilities, including remote code execution, server-side request forgery, cross site scripting, and XML entity injection, among others. Due to this I was selected as hacker of the year for Verizon Media, and a top hacker for another private program, and was invited to several live hacking events.

Your sponsorship of droopescan is important. It will allow me to keep it updated and invest more time into it to implement new features. If you found droopescan useful in your security work, consider sending me a donation.