Available for engagements & private programs

Hi, I'm Wolfy.
I break things so they can't be broken.

Bug bounty hunter & penetration tester focused on finding the high-impact vulnerabilities that matter before someone with bad intentions does.

Work with me Read testimonials

0+ Vulnerabilities reported
0+ Programs hunted
0 Years offensive security

wolfy@recon: ~

$ whoami
wolfy — security researcher

$ cat ./focus.txt
[+] Web & API penetration testing
[+] Race condition · Bussiness Logic · IDOR · auth bypass · & More 
[+] Recon & attack-surface mapping
[+] Responsible disclosure

$ ./hunt --target scope.tld
[*] enumerating assets...
[✓] critical found — reported
$ ▋

01 — About

A short description

I'm Wolfy — a bug bounty hunter and penetration tester.

I primarily work with casinos and GPT sites but have past experience with companies such as Red Bull, DHL and Telenet via their Intigriti programs

Bug Bounty Web & API Responsible Disclosure Recon

02 — Expertise

What I do

🎯

Web & API Testing

Deep manual testing of web apps and APIs — authentication, access control, business logic, and injection flaws.

🛰️

Recon & Attack Surface

Subdomain enumeration, asset discovery, and fingerprinting to map the full attack surface before going deep.

💥

High-Impact Bugs

RCE, SSRF, LFI, IDOR and access-control chains — the findings that actually move risk, with reproducible PoCs.

📝

Clear Reporting

Impact-first write-ups with reproduction steps and remediation guidance triagers and engineers can act on.

03 — Testimonials

What people say

Kind words from people I've worked with across the community.

Let's work together

Got a program, a target, or a security question? Reach out — I'm happy to talk scope.

Discord @wolfyyy___ Intigriti @wolfy6848 X / Twitter @wolfy6848

Hi, I'm Wolfy. I break things so they can't be broken.