I am a cybersecurity researcher and web developer based in Indonesia. I identify vulnerabilities in production systems, create security tools, and contribute to open-source projects. I responsibly disclosed security issues to financial institutions, government agencies, open-source projects, SaaS platforms, and other tools.
Manus AI - Discovered and reported P1 severity Sandbox Escape vulnerability in AI platform infrastructure.
The NatWest Group - Identified and responsibly disclosed multiple security vulnerabilities via Bugcrowd platform. 3 reports were accepted and triaged.
Seafile - Disclosed a security vulnerability, resulting in an immediate patch deployment and $200 security bounty.
Ministry of Forestry Indonesia - Identified and reported 2 high-severity vulnerabilities. Received official recognition for both discoveries.
Canva - Discovered business logic flaw allowing unauthorized access to premium features without subscription.
RiteCMS 2.0 - Discovered a Remote Code Execution (RCE) vulnerability. Proof of concept. Currently awaiting CVE assignment.
WProject - Automated security testing tool for penetration testers. Checks websites for vulnerabilities with reporting capabilities.
Pyilot - AI-powered desktop assistant that turns your natural language commands into executable Python code. Integrates AI capabilities for scripts generation.
Terminatex - Renders LaTeX equations and images directly in terminal environments.
FormDataSaver - Zero-configuration utility that automatically saves and restores form data using localStorage.
SpyHunt - Improved stability by fixing a minor bug.
Wikipedia - Contributed to improving article accuracy and content quality, impacting over 7,700 readers.
Lime AI - Early access tester — provided feedback that influenced product direction, granted free access until 2026 in recognition.