Lautaro D. Villarreal Culic'

️me_v0.5.9

Mobile Security Researcher

iOS & Android Reverse Engineering - Penetration Tester

Writeups → Research Docs

Android DAST

iOS RE

Frida hooks

Bypass & Rootless

Writeups

CTF Player

CTF

Hack The Box

🎯 +80 machines
🎯 +50 challenges
🏰 6 fortress
🔬 1 prolab
✍️ 44 writeups

Hacker101 & TryHackMe

✅ +210 machines
🏆 TOP 1%
🎯 +5 challenges
✍️ 5 writeups

Mobile CTF

Android

🎯 +100 challenges
✍️ +100 writeups

iOS

🎯 +20 challenges
✍️ +20 writeups

Bug Bounty

HackerOne

🐞 5 vulnerability found
HackerOne
- – Sprinklr (Web): Storaged XSS x5
🎖️ 6 badges

Bugcrowd

🐞 2 vulnerability found
Bugcrowd
- – SoundCloud (Mobile App): Command Injection
- – NASA (Mobile App): Sensitive Data Exposure
🎖️ 2 badges

Others

🐋 3 in DeepSeek Mobile Apps
DeepSeek Mobile Apps
- – Persistent DoS
- – Proof Of Work (PoW) Bypass
- – Sensitive Data Exposure via Android Backup

⭕ 4 in Oracle Mobile Apps

Oracle Mobile Apps

+ One-Line Presence – Link
– Open Firebase Database
– Arbitrary URL Injection in WebView (with JS) x2
– Anti-Root detection Bypass