Skip to content
View Christbowel's full-sized avatar
💭
Attempting to explain to my mom that "hacking" is my actual job
💭
Attempting to explain to my mom that "hacking" is my actual job
74 followers · 61 following

Achievements

Achievement: Pull SharkAchievement: Starstruck

Achievements

Achievement: Pull SharkAchievement: Starstruck

Block or report Christbowel

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
christbowel/README.md

Typing SVG


GitHub Website HackerOne Bugcrowd

TryHackMe Root-Me Profile Views

whoami

┌──(christbowel㉿kali)-[~]
└─$ cat about.txt

  Name     : Christ Bowel Bouchuen
  Age      : 19
  Location : Darmstadt, Germany
  Uni      : TU Darmstadt — B.Sc. Computer Science
  Focus    : Offensive Security | Vulnerability Research | Bug Bounty

  CVEs Discovered  : 3
  Hall of Fames    : 5 (🇺🇸 State of California · 🇩🇪 Deutsche Telekom · 🌍 Mars VDP · 🇦🇺 RMIT · 🇺🇸 BIA)
  CTF Best Rank    : Top 15/454 — Bugcrowd Black Hat USA CTF 2024 && Top 1 - USD Hacking Night
  Status           : Open for Werkstudent (Pentest / Vuln Research · Darmstadt/Frankfurt or Remote)

🔴 CVEs Discovered

CVE-2024-29643 - Croogo CMS v3.0.2

Host Header Injection → RCE

Exploitable Host Header Injection in the feed.rss component allows injection of arbitrary PHP code via a malicious HTTP Host header - leading to full system compromise.

NVD

CVE-2026-25050 - Vendure

Authentication Timing Attack → Username Enumeration

Timing side-channel in the authentication flow enabling remote username enumeration - discovered and responsibly disclosed.

Authentication Bypass · Timing Attack · Username Enum

NVD

🔵 CVE Contributions & Community Work

CVE Target Contribution
CVE-2023-25136 OpenSSH 9.1 Python mass scanner + exploit framework — widely adopted by the community
CVE-2024-25600 WordPress Bricks Builder Official Nuclei template (2 versions) merged by ProjectDiscovery

🏆 Hall of Fame

Organization Finding Year
🏛️ State of California · via Bugcrowd SQL Injection → RCE → NT AUTHORITY\SYSTEM 2024
🏛️ Bureau of Indian Affairs (BIA) Multiple critical vulnerabilities on federal systems 2023
🌍 Mars Vulnerability Disclosure Program IDOR + Client Information Disclosure + Client-Side Validation Bypass 2025
🎓 RMIT University · Australia Responsible disclosure 2023

⚒️ Projects

🔥 Infiltrator

Red Team Input Monitoring Framework · Go

Stealthy input surveillance tool for security research. Captures keystrokes, clipboard data, screenshots, and system info — exfiltrates securely via Telegram bot.

Go

🔑 CipherBuster

RSA Exploitation Framework · Python

Analyzes and exploits weak RSA keys via factorization attacks and weak key detection. Built for CTFs and real-world pentest scenarios.

Python

🛡️ RedTeamer

Offensive Simulation Toolkit

Payload generators, privilege escalation helpers, persistence techniques — full adversary simulation framework.

Python Bash

🔵 BlueTeamer

Defensive Analysis Companion

Log analysis, anomaly detection, and automated detection rule generation. The defensive counterpart to RedTeamer.

Python

🧰 Skills & Arsenal

Languages

Python Go C Java Bash SQL

Tools

BurpSuite Metasploit Nmap Nuclei Ghidra Wireshark Linux Docker

Domains

Web Security · API Penetration Testing · Active Directory · Network Security Exploit Development · Reverse Engineering · Cryptanalysis · Bug Bounty · CTFs

📜 Certifications

Certification Issuer Date
usd Hacking Night – Ethical Hacking Skills usd AG Nov. 2025
Certified AppSec Practitioner (CAP) The SecOps Group Feb. 2023
API Security Penetration Testing APIsec University Jan. 2024
CompTIA PenTest+ Learning Path TryHackMe Apr. 2023
AZ-500: Securing Data & Applications Microsoft Apr. 2023

🥇 1st Place — usd Hacking Night CTF, Nov. 2025

📊 Stats



GitHub Streak


📈 Activity Graph

Activity Graph


♟️ Chess move of the day

Chess.com

Schach Club · TU Darmstadt ♟️

💬 Quote

Readme Quotes

🌍 Langues

🇫🇷 Français 🇩🇪 Deutsch 🇬🇧 English
Langue maternelle C1 Fließend Fluent

"Security is not a product, but a process."

Popular repositories Loading

  1. CVE-2023-25136 CVE-2023-25136 Public

    OpenSSH 9.1 vulnerability mass scan and exploit

    Python 107 21

  2. Red-Teamer Red-Teamer Public

    Red Teaming tools and techniques

    56 12

  3. CVE-2024-25600_Nuclei-Template CVE-2024-25600_Nuclei-Template Public

    Nuclei template and information about the POC for CVE-2024-25600

    31 6

  4. Blue-Teamer Blue-Teamer Public

    Blue teamer tools and techniques

    9 4

  5. CipherBuster CipherBuster Public

    Outil d'analyse et d'exploitation des vulnérabilités des implémentations RSA, avec techniques d'attaque automatisées et avancées

    Python 4 4

  6. SSRFmap SSRFmap Public

    Python 3