Web & API Security
BurpSuite Pro, Caido, Nuclei, SQLMap, Ffuf.
01
SKILLS
What I work on.
Cybersecurity professional with 5+ years of experience securing applications, networks, systems, and data across cloud and on-premise environments. Skilled in Web Security, API and Mobile security, Penetration testing, Active Directory exploitation, Red teaming, reverse engineering, and binary exploitation.
Active Directory
BloodHound, BloodyAD, Impacket, NetExec,Certipy.
Mobile Security
Frida, Jadx, Drozer, MobSF, ApkTool, HttpToolkit, Objection.
Cloud Security
Pacu, Prowler, ScoutSuite, AWS-Enumerator.
Binary Exploitation
Pwntools, GDB (Gef/Pwndbg), Radare.
Reverse Engineering
Ghidra, IDA Pro, Binary Ninja, Hopper, dnSpy, Uncompyle6.
02
Research
Discovered CVEs.
Some of the CVEs that I have discovered.
| CVE | Year | Vendor | Vulnerability | Severity | Advisory |
|---|---|---|---|---|---|
| CVE-2025-64488 | 2025 | SuiteCRM | Authenticated SQL Injection | High | GitHub |
| CVE-2025-11135 | 2025 | PMTicket | Authentication Bypass | Crit | MITRE |
| CVE-2025-7886 | 2025 | PMTicket | SQL Injection | Medium | MITRE |
| CVE-2024-10195 | 2024 | Tecno 4G Router | SQL Injection | Medium | MITRE |
| CVE-2023-6304 | 2023 | Tecno 4G Router | Authenticated Remote Code Execution | Crit | MITRE |
03
RECOGNITION
Achievements & Awards.
CTF placements, awards, and the certifications behind the work. Picked from a longer list.
#1
Cyberranges Global Leaderboard
Ongoing
#1
CyberCon KE Finals CTF
2022
#1
CyberCon KE Preliminaries CTF
2022
#2
Africa BattleCTF, Individual
2024
#2
SheHacks Inter-University CTF
2023
#2
SheHacks Inter-University CTF
2022
#3
Blacks in Cyber @ DEF CON 24
2024
#16
DEF CON 29 Red Team CTF (Global)
2021
#6
AfricaHackon CTF
2021
04
Certifications
Certifications
CRTE
CRTO
CRTA
MCRTA
CEH
Security+
Extreme Red Teamer
Off Dev Win v1
Azure RT
API Security
Linux Heap Exploitation
NSE 1 & 2
HTB POO Pro
HTB Puppet Pro
CCNA