My name is Mike, I go by @m8sec on the internet. I work as an offensive security manager leading a wide range of engagements against client environments. In my spare time I create blog posts and write code relating to hacking. I’ve authored a number of tools including SubScraper, CrossLinked, and nullinux.
This site is used as a place to post random research, write-ups, and whatever else I may be working on - not found on Medium. Want to collaborate, talk, or get in touch? Don’t be afraid to reach out!
Acronyms
MSIS, CISSP, OSCP, CRTO, EWPT, CEH
Notable Experience
- Participant in vulnerability disclosure programs through HackerOne, BugCrowd, and Synack Red Team.
- Mimcast Security Researcher Wall of Fame.
- CVE’s Found:
- CVE-2021-41322 - Poly VVX 400/410 v5.3 Privilege Escalation
- CVE-2021-3816 - Cacti v1.1.38 Stored HTML Injection
- CVE-2021-23225 - Cacti v1.1.38 Stored XSS
- CVE-2021-26247 - Cacti v0.8.7g Reflected XSS