┌──(christbowel㉿kali)-[~]
└─$ cat about.txt
Name : Christ Bowel Bouchuen
Age : xx
Location : Darmstadt, Germany
Uni : TU Darmstadt — B.Sc. Computer Science
Focus : Offensive Security | Vulnerability Research | Bug Bounty
CVEs Discovered : 7
Hall of Fames : 5 (🇺🇸 State of California · 🇩🇪 Deutsche Telekom · 🌍 Mars VDP · 🇦🇺 RMIT · 🇺🇸 BIA)
CTF Best Rank : Top 15/454 — Bugcrowd Black Hat USA CTF 2024 && Top 1 - USD Hacking Night
Status : Software Security @ PAYONE GmbH
Severity: CRITICAL (CVSS 8.7)
Unauthenticated RCE → VM Sandbox Escape
The /_log HTTP handler passes unauthenticated user input to vm.runInNewContext() and eval(). A host-context Function reference (via util.format) can be abused to escape the Node.js sandbox, resulting in full remote code execution on the host.
Impact: RCE · Sandbox Escape · CWE-94
Severity: CRITICAL
Host Header Injection → RCE
A Host Header Injection vulnerability in the feed.rss component allows arbitrary PHP code injection through a malicious HTTP Host header, leading to full system compromise.
Impact: RCE · Host Header Injection
Severity: HIGH
Authenticated RCE → Unsandboxed JavaScript Execution
The Custom Logic policy block worker passes user-supplied JavaScript directly to the Node.js Function() constructor without isolation. An authenticated Standard Registry user can read container files, leak sensitive environment credentials (RSA keys, JWT signing keys), and forge authentication tokens for arbitrary users.
Impact: RCE · Code Injection · Token Forgery
Severity: HIGH (CVSS 7.1)
Unauthenticated Arbitrary File Read → Path Traversal
The _default HTTP handler resolves paths using path.join(process.cwd(), uri) without validating that the resulting path remains within the application root. Combined with binding on 0.0.0.0 and the absence of authentication, this allows arbitrary file disclosure from the host.
Impact: Path Traversal · CWE-22
Severity: MEDIUM (CVSS 6.9)
Authentication Bypass → Sensitive Data Exposure
The GET /api/v1/demo/registered-users endpoint lacks authentication controls, allowing unauthenticated attackers to retrieve sensitive user information.
Impact: Missing Authentication · CWE-306 · Information Disclosure
Severity: MEDIUM
Authentication Timing Attack → Username Enumeration
A timing side-channel vulnerability in the authentication workflow enables remote username enumeration.
Impact: Timing Attack · Username Enumeration
🔒 Reserved CVE
CVE-2026-22674 - Hashgraph Guardian
Coordinated disclosure in progress. Public disclosure scheduled for August 2026.
| CVE | Target | Contribution |
|---|---|---|
| CVE-2023-25136 | OpenSSH 9.1 | Python mass scanner + exploit framework — widely adopted by the community |
| CVE-2024-25600 | WordPress Bricks Builder | Official Nuclei template (2 versions) merged by ProjectDiscovery |
| Organization | Finding | Year |
|---|---|---|
| 🏛️ State of California · via Bugcrowd | SQL Injection → RCE → NT AUTHORITY\SYSTEM |
2024 |
| 🏛️ Bureau of Indian Affairs (BIA) | Multiple critical vulnerabilities on federal systems | 2023 |
| 🌍 Mars Vulnerability Disclosure Program | IDOR + Client Information Disclosure + Client-Side Validation Bypass | 2025 |
| 🎓 RMIT University · Australia | Responsible disclosure | 2023 |
|
Red Team Input Monitoring Framework · Stealthy input surveillance tool for security research. Captures keystrokes, clipboard data, screenshots, and system info — exfiltrates securely via Telegram bot. |
RSA Exploitation Framework · Analyzes and exploits weak RSA keys via factorization attacks and weak key detection. Built for CTFs and real-world pentest scenarios. |
|
Offensive Simulation Toolkit Payload generators, privilege escalation helpers, persistence techniques — full adversary simulation framework.
|
Defensive Analysis Companion Log analysis, anomaly detection, and automated detection rule generation. The defensive counterpart to RedTeamer. |
Languages
Tools
Domains
Web Security · API Penetration Testing · Active Directory · Network Security
Exploit Development · Reverse Engineering · Cryptanalysis · Bug Bounty · CTFs
| Certification | Issuer | Date |
|---|---|---|
| usd Hacking Night – Ethical Hacking Skills | usd AG | Nov. 2025 |
| Certified AppSec Practitioner (CAP) | The SecOps Group | Feb. 2023 |
| API Security Penetration Testing | APIsec University | Jan. 2024 |
| CompTIA PenTest+ Learning Path | TryHackMe | Apr. 2023 |
| AZ-500: Securing Data & Applications | Microsoft | Apr. 2023 |
🥇 1st Place — usd Hacking Night CTF, Nov. 2025
