Recent Work
Finished 2021 as the 7th hacker in the world at Intigriti for the last quarter, and 87th hacker of all time there. Had the opportunity to contribute to companies like Red Bull, Randstad, Telenet, Soundtrack Your Brand, etc.
Also made my first reports on HackerOne, and from there also had the opportunity to contribute to the security of big companies, such as Adobe, IBM, Sony, Xiaomi and also the U.S. Department of Defense.
Reported vulnerabilities in three different open source projects: Elgg, HumHub and Vim (yes, the text editor). They were all reported through Huntr, which is an awesome bug bounty platform exclusively designed to make open source code more secure.
Contributions to Open Source
December 2021
- Double Free in Vim. See CVE-2021-4187
- IDOR in HumHub allowed registered users to become unauthenticated members of private spaces. See CVE-2021-43847
- Stored Cross-Site Scripting in Elgg. See CVE-2021-4072
November 2021
- Personal Information Disclosure in Elgg. See CVE-2021-3980
- IDOR in Elgg leading to arbitrary use of group actions. See CVE-2021-3964