Available for hire

Owen
Muldoon

AppSec engineer & web developer. I find vulnerabilities, build things, and break them responsibly.

Get in touch GitHub

#992

HTB global rank

CVEs disclosed

11.2%

HTB content owned

VDP

Bugcrowd verified

Security findings

Responsible disclosure

Vulnerabilities identified and responsibly disclosed through Bugcrowd. Both findings were acknowledged and remediated by the security team.

Subdomain takeover × 2 — Private VDP Remediated

Bugcrowd VDP · Private disclosure · 2024

Two subdomain takeover vulnerabilities identified and responsibly disclosed via Bugcrowd's VDP program. Both acknowledged and remediated. Details undisclosed per program terms.

Technical writing

Writeups

Documented walkthroughs of HTB machines, VDP findings, and security research — written to learn and to share.

View all writeups →

Skills & tools

What I work with

// offensive security

Burp Suite Nuclei subfinder nmap ffuf Metasploit

// web development

React Next.js TypeScript Node.js REST APIs

// recon & appsec

DNS enumeration OWASP Top 10 XSS IDOR CORS SQLi

// platforms

Hack The Box Bugcrowd Linux Git Docker

Contact

Let's talk

Open to junior AppSec, pentesting, and security engineering roles. Feel free to reach out directly.

owenmuldoon86@gmail.com GitHub LinkedIn Hack The Box

OwenMuldoon

Responsible disclosure

Writeups

What I work with

Let's talk

Owen
Muldoon