security researcher
r00t26
Security Engineer. Researcher. Builder.
I do offensive security work, develop tools, and document everything worth documenting.
~/$ whoami
security engineer · researcher · perpetual tinkerer
~/$ cat interests.txt
web exploitation, linux exploitation, reverse engineering, osint
~/$ ls -la ./certs
Security+, Pentest+, CEH, CISSP
~/$ _
HTB — WingData
Wing FTP Server RCE via CVE-2025-47812, SHA-256 salted hash cracking from FTP user files for SSH ...
HTB — VariaType
Exposed .git directory leaks hardcoded credentials, directory traversal via filter bypass reveals...
HTB — Silentium
Flowise account takeover via unauthenticated password reset token leak, RCE via CVE-2025-59528 Ja...
HTB — Pterodactyl
Pterodactyl Panel RCE via CVE-2025-49132, MySQL TCP vs socket auth quirk to extract bcrypt hashes...
HTB — Overwatch
Active Directory enumeration, SMB share analysis, .NET binary decompilation revealing hardcoded c...
HTB — Kobold
Arcane Docker Management CVE-2026-23520 command injection for initial access, followed by a Docke...
nightmare
Linux privilege escalation enumeration with AI-powered triage. Find the path to root — fast.
subhunt
Async subdomain bruteforcer with wildcard DNS detection to cut down on false positives. Fast, cle...
portknock
Async port knocking tool with post-knock scanning and banner grabbing.
ipcheck
A simple CLI based utility that can check the reputation of IPs using the AbuseIPDB API.