Its August, 18th 2025, and I’m several years into my penetration tester and bug bounty hunting adventures. What a magical place I am in now. If 4 years ago self could see what I’ve accomplished now I wouldn’t have believed it. I have just finished by first Defcon talk at Recon Village about hacking IBM Webmethods Integration Servers. It honestly feels unreal and as much as I hate to admit it, and despite all my flaws, ‘m coming into my space.
I started off my year with a intro to recon talk at Bsides DSM (Iowa). I was nervous and practiced a ton and finally when it came time to give my talk I had the absolute best time doing it. I loved answering questions, I loved seeing the curiosity and I loved the feeling that I might be helping out the next version of myself take their first steps into this realm. I gained confidence from that talk and I just said fuck it, why not just go for it. Send the talks you want to talk about to the places where you want to talk. I ended up submitting to the Bug Bounty Village and the Recon Village at Defcon as well as submitting to a local conference (SECCON) and Grr Con (Michigan). I was accepted at all except for Bug Bounty Village and as much as I wanted to speak at that village I’m forever grateful for Recon Village giving me the opportunity to share my knowledge.
I spent way too much time practicing, complaining and worrying to my good friends, but when it came time for the talk I had about 10 of the best asshole friends giving me shit from the front row and the talk couldn’t have gone better. I got through it and I have just confirmed to myself that I’d love to always be in a place that supports me doing research and sharing information I have learned. Keeping this short and sweet I’m so excited for what the future brings for me in this space and I cant wait to start on some of my next research ideas.
Overall I want this to be a talk about my adventures in pentesting, bug bounty, and AI. I’ve got shoulder surgery on August 20, 2025, so I’ll be out for a bit, but I’m going to use that downtime to rebuild my client-side game. JS, postmessages, iFrames, CSP bypassess and chaining fun gadgets. Its going to be tough as its not exactly my strong suite, but its what I want to improve on while I have this opportunity and I think it might be fun to talk about if I can translate that process into a talk that anyone can understand and learn from.