As an Application Security Engineer, I specialize in uncovering and fixing security flaws across web, mobile, and client-server applications. From breaking into APIs and bypassing SSL pinning on mobile apps to simulating real-world attacks on authentication systems, I help businesses stay one step ahead of cyber threats. I've worked with global clients like Logiwa, Dijiname, QuizClothing, and Upstash, delivering actionable insights and practical fixes. Whether it’s testing mobile apps with tools like Frida and Objection, or analyzing malware to stop it in its tracks, I bring a hands-on, results-driven approach to every project—always with the goal of making your product safer, faster.

I've worked extensively at the intersection of mobile, embedded, and firmware security, modifying existing exploits to enhance penetration testing capabilities and uncover deeper vulnerabilities. My work includes injecting persistent root-level backdoors into Android OS via baseband exploits, and replicating complex, hardware-based vulnerabilities like those revealed by Google Project Zero—chaining CVEs to deliver over-the-air payloads. I’ve collaborated on RTOS development for MSP430 series, tackled firmware extraction from Broadcom and Qualcomm SoCs, and performed fuzzing and reverse engineering on satellite communication modules to identify critical weaknesses. With hands-on experience in kernel programming and baseband penetration testing, I bring a deep, low-level understanding of how systems operate—and how they can be secured.

I’ve conducted hands-on research across a range of systems, starting with TP-Link WiFi routers, where I developed custom firmware based on OpenWRT, integrating WiFi auditing tools and new features. This project deepened my knowledge of embedded systems, Linux, and Git, while sharpening my problem-solving skills through real-world development challenges. I also explored the security architecture of Google Tensor devices and their bootloaders, successfully bypassing modem-level restrictions on IMEIs and serial numbers, which expanded my understanding of modem security in IoT and automotive systems. Currently, I’m working on an open-source bootloader to gain deeper insight into system architecture and OS internals. Additionally, my research on cellular networks uncovered methods to capture OTPs and bypass 2FA, revealing critical vulnerabilities with potential impacts on the banking sector.