hi! my name is mert.

i'm interested in cyber security (web & mobile application security, api security, source code review) and software development as amateur. sometimes i write something at the blog.mert.ninja.

i'm developing myself on malware researching and threat analysis at picus security. i love bug bounty (i spend most of my free time on bug bounty at bugcrowd), music, watching animes, minimalist design (minimalism is a philosophy of life for me) and some computer games etc. so i hate sleeping. these things motivate me.  

also, i love people who have low ego(!)

i challenge you on table tennis!

a little open redirect bypass story [22 october 2016]  

xss attack vector at "style" context for less [19 october 2016]  

parameter pollution bug at twitter [16 october 2016]  

yearly

monthly

  1st on the bugcrowd's may/2016 leaderboard with 786 kudos!  

  2nd on the bugcrowd's june/2016 leaderboard with 524 kudos!  

  1st on the bugcrowd's july/2016 leaderboard with 513 kudos!  

  2st on the bugcrowd's november/2016 leaderboard with 603 kudos!  

i took part many application penetration test projects in my old job. many of them are web application projects. also i tested mobile applications (android & ios) and web services.
i usually did source code analysis (in other words; code review.) for .net, php, android and ios applications.