Some of my work

Can't disclose it all...

When possible I will try to provide more background information, yet this is not always possible due to disclosures. All these issues are fixed. I will never disclose unfixed issues.

Slack : Persistent Man in the Middle ‘fake’ login page

Razer US: Admin login page user retrieval & bruteforce Checkout cart poisioning

Magento2: Admin backend XSS injection

Persgroep ( CRM exploitation Non-protected analytics environment; bruteforceable, system analyse, data access and open for known CVE’s. XSS on citrix environment