Student Security Portfolio

Web Pentesting, Agent Security, and Vulnerability Research.

Cybersecurity student focused on web exploitation, access-control flaws, agent offense and defense, and responsible disclosure. This preview intentionally redacts target details, payloads, endpoints, and personal identifiers.

Focus: Web AppSec
Record: 9 campus reports
Current: USYD MCompSci

Profile

Short, technical, verifiable

I am a security-focused computing student with hands-on work across university systems, especially identity flows, student-service platforms, and legacy web applications.

The public version should emphasize classes of findings and reporting discipline rather than raw exploit detail. That makes the page stronger and safer at the same time.

Current direction: web pentesting, agent offense and defense, vulnerability research, traditional visual algorithms such as KCF, introductory open-source research, and turning private reports into clean public case studies.

Selected Research

Sanitized highlights

Identity and Verification Flows (Auth logic)

Reported weaknesses in account and verification flows, including abusive verification paths and exposure in account-related records.

Student-Service Access Control (IDOR / authz)

Reported access-control issues affecting leave-management and booking systems, where personal or workflow data could be returned across users.

Legacy Campus Web Apps (XSS / exposure)

Documented XSS-class issues, guest-access mistakes, and file-exposure problems in older campus platforms. Public copy stays intentionally high level.

Education

2020 to now

University of Sydney (Current)

Master of Computer Science.

Qihang Computer Society, Dalian Maritime University (2020-2024)

Head of the Network Security Department.

Graduate Disclosure Note (Redacted)

During graduate study, reported a vulnerability affecting a university service platform. Technical details remain private in this preview.

Recognition

What to publish

Responsible Disclosure Record (2021-2024)

The material you provided supports a public claim of nine responsibly reported findings across SSO, library, leave-management, OA, and campus web systems.

Institutional Recognition (Verified)

One document is an institutional certificate recognizing vulnerability reporting and remediation support.

Privacy-Safe Public Version (Required)

Avoid real student IDs, target URLs, payloads, screenshots, report contacts, and any direct reproduction steps.