I am excited to share a project I've been working on: the_almighty, a deterministic web-vulnerability scanner built entirely in Go.
Unlike traditional black-box scanners that rely on simple payload spraying, the_almighty is designed with high signal-to-noise ratio in mind. Findings are only reported when verified by a Go oracle (e.g., verbatim reflection, error signature, time delay, or an out-of-band callback).
Key Capabilities: 🔹 OOB Correlation: Captures blind/stored XSS, SSRF, and command injections via tokenized out-of-band callbacks. 🔹 Grey-box IAST: Server-side PHP and JS agents locate tainted input reaching dangerous sinks with file and line numbers. 🔹 Headless Browser Crawler: Leverages a pooled headless Chrome instance to crawl modern single-page applications. 🔹 AI-Powered Payload Widening: Uses local LLMs (via Ollama) to dynamically generate and expand test payloads, keeping validation deterministic. 🔹 Observation Engine: Correlates, deduplicates, and scores results into SQLite (WAL) for a clean, prioritized list.
Engineered with a strict scope guard and per-host rate limiters to guarantee scanning stays safe and within boundaries.
Stack: Go 1.26, Cobra, chromedp, SQLite, and Ollama.
#ApplicationSecurity #SoftwareEngineering #GoLang #IAST #PenetrationTesting #DevSecOps
0
37
Happy to share that I’ve been recognized on the Signify (https://www.linkedin.com/company/signifycompany/) Hall of Fame for responsibly reporting a security vulnerability discovered during independent security research.
Appreciate the Signify (https://www.linkedin.com/company/signifycompany/) security team for their professional handling of the report and dedication to improving security.
Responsible disclosure is an important part of strengthening the security ecosystem, and I’m glad to contribute.
https://www.signify.com/global/product-security/coordinated-vulnerability-disclosure/hall-of-fame
#CyberSecurity (https://www.linkedin.com/search/results/all/?keywords=%23cybersecurity&origin=HASH_TAG_FROM_FEED) #BugBounty (https://www.linkedin.com/search/results/all/?keywords=%23bugbounty&origin=HASH_TAG_FROM_FEED) #ResponsibleDisclosure (https://www.linkedin.com/search/results/all/?keywords=%23responsibledisclosure&origin=HASH_TAG_FROM_FEED) #EthicalHacking (https://www.linkedin.com/search/results/all/?keywords=%23ethicalhacking&origin=HASH_TAG_FROM_FEED) #SecurityResearch (https://www.linkedin.com/search/results/all/?keywords=%23securityresearch&origin=HASH_TAG_FROM_FEED)
0
33
Security research update
Happy to share that I’ve been recognized in the Philips Coordinated Vulnerability Disclosure Hall of Fame (2026) for responsibly reporting a security vulnerability.
During security testing, I identified a vulnerability and reported it through Philips’ coordinated disclosure program. After verification by their security team, the issue was acknowledged and addressed.
Moments like this highlight why responsible disclosure and collaboration between researchers and organizations are so important. Security research is not just about finding bugs — it’s about helping strengthen systems that people depend on every day.
Grateful to the Philips security team for the acknowledgment and for supporting a transparent vulnerability disclosure process.
On to the next bug.
https://lnkd.in/dukTVr6t
(https://lnkd.in/dukTVr6t)#CyberSecurity (https://www.linkedin.com/search/results/all/?keywords=%23cybersecurity&origin=HASH_TAG_FROM_FEED) #BugBounty (https://www.linkedin.com/search/results/all/?keywords=%23bugbounty&origin=HASH_TAG_FROM_FEED) #EthicalHacking (https://www.linkedin.com/search/results/all/?keywords=%23ethicalhacking&origin=HASH_TAG_FROM_FEED) #ResponsibleDisclosure (https://www.linkedin.com/search/results/all/?keywords=%23responsibledisclosure&origin=HASH_TAG_FROM_FEED) #SecurityResearch (https://www.linkedin.com/search/results/all/?keywords=%23securityresearch&origin=HASH_TAG_FROM_FEED) #AppSec (https://www.linkedin.com/search/results/all/?keywords=%23appsec&origin=HASH_TAG_FROM_FEED) #Infosec (https://www.linkedin.com/search/results/all/?keywords=%23infosec&origin=HASH_TAG_FROM_FEED)
0
47
Grateful to be recognized in NASA's Vulnerability Disclosure Program Hall of Fame on Bugcrowd.
As someone still early in my security research journey, this means a lot. Found a reflected XSS vulnerability, reported it, and it was accepted. Simple as that.
Still a lot to learn, but this is a good reminder to keep going.Letter of Recognition should arrive after some time.
0
51
Recently identified a publicly accessible Spring Boot Actuator /env endpoint during a security assessment.
What initially appeared to be a routine configuration exposure turned out to reveal:
• Internal service architecture
• Backend microservice endpoints
• Internal hostnames and network information
• Deployment and filesystem details
• Security configuration settings
• Credentials and encryption-related secrets
This serves as a reminder that management interfaces can expose far more than operational metadata when left accessible in production environments.
Key lessons:
✓ Restrict Actuator endpoints to trusted administrative networks
✓ Avoid exposing /env in production
✓ Review environment variables and configuration repositories for secrets
✓ Rotate any exposed credentials immediately
✓ Use least-privilege exposure lists rather than wildcard endpoint exposure
Small configuration mistakes can create a complete roadmap of an organization's internal infrastructure.
#CyberSecurity (https://www.linkedin.com/search/results/all/?keywords=%23cybersecurity&origin=HASH_TAG_FROM_FEED) #AppSec (https://www.linkedin.com/search/results/all/?keywords=%23appsec&origin=HASH_TAG_FROM_FEED) #SpringBoot (https://www.linkedin.com/search/results/all/?keywords=%23springboot&origin=HASH_TAG_FROM_FEED) #DevSecOps (https://www.linkedin.com/search/results/all/?keywords=%23devsecops&origin=HASH_TAG_FROM_FEED) #BugBounty (https://www.linkedin.com/search/results/all/?keywords=%23bugbounty&origin=HASH_TAG_FROM_FEED) #SecurityResearch (https://www.linkedin.com/search/results/all/?keywords=%23securityresearch&origin=HASH_TAG_FROM_FEED) #OWASP (https://www.linkedin.com/search/results/all/?keywords=%23owasp&origin=HASH_TAG_FROM_FEED) #InfoSec (https://www.linkedin.com/search/results/all/?keywords=%23infosec&origin=HASH_TAG_FROM_FEED)