Numan Ozdemir

This website is tired of running with WordPress, so the blog is closed permanently.

Numan Ozdemir is software developer & cybersecurity researcher. A bit writer.

Hall of Fame & Acknowledgements:

  • The Pentagon
  • UK Government (GCHQ)
  • Dutch Government (NCTV)
  • Google
  • IBM
  • Microsoft
  • Cloudflare
  • LinkedIn
  • Symantec
  • Malwarebytes
  • European Union
  • eBay
  • AT&T
  • Nokia
  • Asus
  • Xiaomi
  • Bosch
  • Adobe (for Magento)
  • Harvard University
  • University of Twente
  • Tilburg University
  • Erasmus University
  • MediaMarkt
  • Spotify
  • Vimeo
  • DigitalOcean
  • Softaculous
  • PureVPN
  • Reeder
  • Some banks

    • Vulnerabilities:

  • Samsung Galaxy Buds - Hijacking Earbuds Remotely
  • Horde Webmail - XSS + CSRF to SQLi, RCE, Stealing Emails <= v5.2.22
  • cPanel Filename Based Stored XSS <= v76
  • MyBB Stored XSS <= v1.8.1
  • Plesk OAuth XSS to Steal Root User Password
  • CentOS Web Panel Root Account Takeover + Remote Command Execution <= v0.9.8.740
  • DirectAdmin Multiple Vulnerabilities to Takeover the Server <= v1.561
  • VestaCP Multiple XSS Vulnerabilities <= v0.9.8-22
  • AjentiCP Dir Name Based Stored XSS <= v1.2.23.13

    • Projects:

  • distribRuted - Distributed Attack Framework
  • VULLNERABILITY - Exploit & Vulnerability Alert Service
  • WebCOP Web Application Firewall
  • Defacement Analysis and Mirror Tracking Software
  • Hackking - Global Information Security Community

    • Featured In:

  • DEF CON
  • Black Hat {Briefings, Arsenal}
  • TechCrunch
  • Forbes
  • TheRegister
  • Naked Security
  • Dark Reading
  • SecurityWeek
  • Yahoo


    • root [at] numanozdemir [dot] com
    ozdemirnuman [at] gmail [dot] com
    Twitter - LinkedIn

    Future is mine...