whoami
contents
$ whoami
collina
$ id
uid=1337(collina) groups=pentest,osint,ctf
I break web apps and APIs for a living, and chase loose threads through open sources for fun. This is where I keep field notes — the writeups, the tooling, the tradecraft that didn’t fit in a report.
What you’ll find here
- Pentest — web/API exploitation walkthroughs, methodology, and the occasional CTF.
- Investigation — OSINT pivots, entity mapping, and how to turn a single artifact into a full picture.
- Tooling — small scripts and setups that pull their weight.
Everything here is my own work and opinion. Findings from real engagements are sanitized — no client data, no live targets, no crossing the line.
Contact
Reach me on the usual platforms. PGP on request. Responsible disclosure only.
// signal over noise