Hi, I’m drew, a passionate cybersecurity enthusiast and vulnerability analyst. I love pentesting, participating in CTFs, and exploring new ways to strengthen security systems.

My Achievements

Common Vulnerabilities and Exposures (CVE)

• I have discovered and reported CVEs:
  • CVE-2025-10081 – Pet Management System 1.0 unrestricted file upload
  • CVE-2025-10088 – Time Tracker 1.0 reflected XSS
  • CVE-2025-10115 – SiempreCMS ≤1.3.6 SQL Injection
  • CVE-2025-10116 – SiempreCMS ≤1.3.6 unrestricted upload

There’s more: CVE-2025-10410, CVE-2025-10592, CVE-2025-10599, CVE-2025-10618, CVE-2025-10620, CVE-2025-10631 & CVE-2025-10632.

I hope I can find more interesting CVEs on well knowned softwares or applications.

Certifications

• Cyber Defense Professional (GCDP) – GuideM
• Certified Web Exploitation Specialist (CWES) – HackTheBox
• ProLab (DANTE) - HackTheBox
• Certified Penetration Tester Specialist (CPTS) – HackTheBox
• Certified Red Team Operator (CRTO) - Zero Point Security Status: Ongoing

Capture The Flags

• University CTF (uCTF) - Champion
• Hack4Gov3 Regionals (H4G3) - Champion
• Hack4Gov3 Nationals (H4G3) - Champion
• CyberSea Games 2024 (CSG) - 7th Place
• ASEAN Cyber Shield Hacking Contest (ACS) - 15th Place
• Holmes CTF 2025 - 341th Place
• Tinsel Trouble CTF 2025 - 220th Place

Fun Facts

• I love anime and listening to music.
• I’m not a fan of mayonnaise on my bread.
• I enjoy challenges, but I’m still learning chess and yes I’m suck in chess.