I build security tooling, conduct research, and write about what I find. Offensive mindset, defensive output.
Tools, research, and open source contributions across offensive and defensive security.
Extended module suite for recon-ng adding passive DNS enumeration, certificate transparency parsing, and ASN mapping for large-scope engagements.
ResearchAuthentication bypass in a widely-deployed enterprise SSO middleware. Affected 200+ vendors. Responsible disclosure, patch coordinated with CISA.
Open SourceHigh-throughput HTTP fuzzer written in Go. Supports custom wordlists, mutation strategies, and structured output for integration into CI pipelines.
ToolCLI tool that pulls from GTI, VirusTotal, and Shodan to build a unified indicator context report. Designed for analysts in terminal-first workflows.
I'm a security developer and researcher based in Washington, D.C. I started in network engineering before moving into offensive security, and I've spent the last 5 years doing vulnerability research, building tools, and writing about what I find.
I've done work across web application security, binary exploitation, cloud misconfigurations, and threat intelligence. I'm comfortable operating at both the exploit-dev layer and the infrastructure layer — which tends to be where the interesting bugs live.
When I'm not breaking things professionally I play CTFs, contribute to open source tooling, and maintain an Intel feed covering the threat landscape I care about.
"Nahom found a critical auth flaw in our product in 72 hours that our internal team had missed for a year. Methodical, thorough, and communicates findings clearly."
Certifications
Proficiency
Available for penetration testing engagements, security consulting, and tool development contracts. PGP key available on request.