BASED IN GERMANY

LoK

Team Manager
Location: United States
Age: 32
TryHackMe: #12934
Specialty: Worldwide Operations & Strategy
Experience: 8 years
Certifications: CISSP, CISM
Languages: English
Achievements: Led 50+ global operations
Badge: Strategic Leader
CØkiep

Exploit Researcher & Development

Focus on exploit development.

TryHackMe Top ~#1400 Responsible Disclosure JS • Java • C# • Python • Go • Kotlin • VBS • PowerShell

About

I work on exploit development and exploiting Windows devices.

  • Ranking: TryHackMe Top ~#1400
  • Tech: Python, JavaScript
  • Focus: Analysis, PoCs, Reporting, Hardening

Current Work

Developing a modular security tooling framework (builder/automation), researching client plugins and server security, and producing clear reports.

Security Research

Client-Plugin Analysis

Investigation of risks posed by unofficial extensions (e.g. HTML plugins) and supply-chain aspects. Goal: demonstrate how attackers could theoretically exfiltrate data – with a focus on prevention and protection.

Discord/Vencord – Client-Plugin Vulnerability

Research showed that unofficial Discord client extensions (e.g. Vencord) combined with certain HTML plugins could, under unfavorable conditions, be abused to harvest credentials.

  • Vector: Manipulated add-ons, insecure plugin permissions, HTML rendering context.
  • Proof: Reproducible PoC, no productive abuse.
  • Status: Responsible disclosure to relevant parties; hardening recommendations shared.

Web Vulnerabilities (e.g. XSS)

Creating minimal proofs-of-concept, reporting validated issues to operators (responsible disclosure) and recommending protections for domain control and content policies.

.GOV – Domain Control & XSS

An assessment of a web application on a .GOV domain revealed a combination of misconfiguration in the domain/hosting context (domain control) and an XSS attack surface.

  • Vector: Misconfigured domain control + reflected/stored XSS surface.
  • Impact: Temporary content/subdomain control in the PoC; controlled script injection.
  • Proof: Reproducible PoC and documentation (see screenshot below).
  • Status: Responsible disclosure; operator informed; hardening recommendations provided.
.GOV PoC – released document/screenshot

Reporting & Disclosure

Structured reports, reproducible steps, impact assessment and cooperative communication with teams.

Projects

Backdoor

Modular tooling for security analysis and covert system monitoring. Focus on stealth and configurability, including the capability to execute arbitrary code.

VirusBox

A sandbox environment that enables testing potentially harmful software in a controlled setting, monitoring network activity and logging behavior in detail.

Experience

Wuerth IT – System Administrator

Wuerth IT Logo

System administration and operational IT tasks.

CERT Polska – CSIRT Unit

CERT Polska Logo

Incident response activities (identity partially anonymized).