Kiyell - Cybersecurity Professional
Hello and welcome!
On the internet I go by the handle kiyell. I have a background in IT support and software development and started full-time bug bounty hunting in 2018 before joining a SOC as a threat hunter and analyst. I enjoy pentesting web applications and mobile apps, and creating tools that test for security vulnerabilities at scale.
Some of my latest endeavors have involved adopting NIST CSF 2.0 in a high-risk environment, reviewing open source projects for security vulnerabilities, creating bash scripts that detect bug bounty scope changes, managing my Linux config files with Git, and using Jekyll & GitHub Pages to create the website you are viewing now.
I invite you to browse through my articles where I write about software security, GRC, and other topics I am passionate about.
Bug Bounty Highlights
- Awarded $15,000 by Snapchat for sensitive API key discovery
- Participated in United Airlines bug bounty program and discovered 9 vulnerabilities which were awarded 700,000 miles
- Over 70 vulnerabilities discovered on HackerOne & Bugcrowd public/private programs
Programming & Security Highlights
- Found and contributed a patch to ‘harmless’ security flaw in 48K+ starred project Pi-hole
- Discovered 6.9 score CVE-2024-7658 vulnerability which affected 4000+ public-facing ProjectSend servers
- Contributed to 14k+ starred project changedetection.io
- Requestflect - Created security tool written in Python for detecting code injection & CORS misconfigurations
- Reaction VS - Created Android app built with Java using libGDX framework