$5,000
2025
MPC signature forgery PoC
ViSec
Offensive Security • Bug Bounty • Vulnerability Research
About Me
I'm Enay, an offensive security‑focused bug bounty researcher. I work on web security, smart contracts, reverse engineering and cryptographic protocols. I am also passionate about discovering critical security vulnerabilities through bug bounty programs and blockchain security research, with multiple high‑impact reports submitted to major platforms.
Focus Areas
- Web/App Security
- Smart Contract Auditing
- Reverse Engineering
- Crypto/ECDSA Research
Tools I Use
Python
GDB
Burp Suite
Nmap
Foundry/Forge
SQLmap
radare2
Ghidra
Hardhat
APKTool
Jadx
Bash
JavaScript
Awards & Achievements
$1,300
2025
Local RCE vector affecting agent-side execution flow
$10,000
2025
Broken Governance
$50,000
2025
0-day research conducted as part of a 7-person team.
$400
2025
Business Logic
Projects & Research
Resolv
Identified logic flaw in clearPendingRewardsFlagIfEmpty. Exploited the flaw to block claims permanently. Successfully demonstrated impact via local testnet using Web3.py & Ganache.
Smart Contract
Web3.py
Ganache
Exploitation
HydraDX Omnipool
Allowing an attacker to perform thousands of micro trades and drain significant liquidity while manipulating the spot price.
DeFi
Liquidity
Price Manipulation
Research
FloQast
window.sdkConfig.proxyUrl: The proxy URL is under floqast.app and is not included in CSP. The cxforward parameter redirects to the Coralogix log endpoint. Log data severity, labels, and a custom msg file are customized.
CSP Bypass
Web Security
Injection
Research
Skills
Web Security
SQL Injection
XSS
CSRF
SSRF
RCE
Smart Contracts
Reentrancy
Overflow
Access Control
Logic Flaws
Reverse Engineering
Binary Analysis
Assembly
Debugging
Exploitation
Crypto
ECDSA
Hash Functions
Key Management
Protocol Analysis