Browser javascript internals expert, specializing in web and client side security
twitter |
github |
linkedin |
blog
Expertise
- Core javascript
- Web applications security
- Vulnerabilities research and web reverse engineering
- Browser anti debugging advanced techniques
- Bots and scraping security
- Supply chain attacks security
- Browser extensions security
- Architectures and designs of client side products
- Ad tech
Personal Experience
- Disclosure of a critical chain of vulnerabilities in WhatsApp to Facebook (CVE-2019-18426)
- Disclosure of a medium vulnerability in Chromium to Google (CVE-2020-6519)
- Research and publishing of highly advanced browser anti debugging techniques
- Live talks including OWASP Global AppSec conf
Work Experience
- 8200 Elite Unit [2012 - 2016]
- Job required core browser javascript understanding, reverse engineering and deobfuscating of javascript code, all
under offensive security efforts
- Uponit [2016 - 2017]
- Contributed to the development of a client side security library that bypassed ad blocker extensions under website contexts
- PerimeterX [2018 - 2020]
- Core developer of PerimeterX CodeDefender, a client side supply chain attacks solution
- Core developer of PerimeterX BotDefender, a bot detection and prevention solution
- Developed an in-house obfuscator for our client side products
- Bionic [2020 - 2022]
- Fullstack Engineer working with ReactJS and Golang
General Knowledge
- javascript, nodeJS, python, ReactJS, Golang
- bash, git, npm, yarn, webpack, rollup
- mocha, jest, webdriverio, puppeteer, selenium
- docker, mongoDB, postgres, jenkins, circleCI
About Me
- Hard worker, highly skilled and a self learner
- Passionate and highly experienced in my field of expertise
- Strong Research and Development abilities
- Am always open for collaborations, consulting or any kind of opportunities
- Am mostly reachable on twitter