I am a security researcher and low-level software engineer focusing on vulnerability research, exploit development, reverse engineering, fuzzing, and systems programming. I work primarily with C, C++, Python, and Rust. I am currently pursuing an M.Sc. in Computer Science and Engineering at DTU.

My day job is mobile security research — building full-chain smartphone exploits and developing QEMU-based fuzzing and emulation tooling targeting ARM platforms, bootloaders, and TrustZone/TEE components.

Before that, I was a developer-researcher at ISP RAS on the Sydr team, working on LLVM-based fuzzing (Futag) and Triton-based symbolic execution tooling. During that time I found 6 CVEs in Rizin and contributed patches to PyTorch. Before ISP RAS, I worked on security and fuzzing for PostgreSQL at Postgres Pro, where I found an OOB access bug in interval-to-char conversion. I started my career as a malware analysis intern at Kaspersky, reverse-engineering targeted threats including bootkits and rootkits.

I have also independently reported a Firefox IPC bug, built a Frida-based fuzzer for Firefox IPC, contributed ARM32 support to Tenet, and wrote an advanced C++ memory allocator with GC and heuristic layouting for improved cache locality.

I enjoy playing CTFs and developing challenges. I was a Flare-On 9 finalist, authored exploitation challenges for SASCTF 2024 and 2025 (including TA/OPTEE exploitation and symbolic verification with Triton on a custom QEMU RISC-V board), and contributed experimental LAF/Compcov support to the WTF snapshot fuzzer.

I hold a B.Sc. in Information Security (with Honours) from HSE.

Outside of work I like photography, reading, and mountain biking.