pfapostol

I’m a self-taught information security enthusiast who first dove into cybersecurity back in 2014. In 2018, I teamed up with friends to run private web2 security audits — and spent evenings and weekends hunting bugs on HackerOne and BugCrowd. In 2022, I shifted my focus to Web3 and started participating in Code4rena audits in my free time. Due to work part-time, I specialize in uncovering rare vulnerabilities rather than going after low-hanging fruits. To date, I’ve contributed to 32 Code4rena contests, uncovering 10 high-severity and 12 medium-severity issues (including 2 solo findings). Along the way, I built automated tooling for Code4rena’s bot races (back when this was still a thing), frequently taking first place.