Banner
Ali Sünbül

Ali Sünbül

@xeloxaResume

Pentester

I'm an Ethical Hacker & Penetration Tester passionate about Cloud, Web App & Application Security. I focus on offensive security and actively contribute to open-source projects.

Let's talkDrop a mail

Find me on the internet

GitHubBlogLinkedIn

My skills

Cloud Security (AWS)
Offensive Security
Application Security
Python & Automation
Linux/Unix
Docker & Containers
Golang
Network Security
Cloud Security (AWS)
Offensive Security
Application Security
Python & Automation
Linux/Unix
Docker & Containers
Golang
Network Security
Cloud Security (AWS)
Offensive Security
Application Security
Python & Automation
Linux/Unix
Docker & Containers
Golang
Network Security
Cloud Security (AWS)
Offensive Security
Application Security
Python & Automation
Linux/Unix
Docker & Containers
Golang
Network Security

Contributions @xeloxa

GitHub Contributions

Projects

s3finder

s3finder

A tool for discovering and analyzing open S3 buckets.

Cloud SecurityAWSGolang
Open projectGitHub
wp-hunter

wp-hunter

WordPress vulnerability scanner and reconnaissance tool.

WordPressSecurityPython
Open projectGitHub
aws-clf-c02-notlari

aws-clf-c02-notlari

AWS Certified Cloud Practitioner study notes.

AWSCloudNotes
Open projectGitHub
?

Coming Soon

More projects coming soon!

Coming Soon
Coming Soon

Security Contributions

2 contributions

lukilabs/craft-agents-oss

lukilabs/craft-agents-oss stars

Fixed path traversal in STORE_ATTACHMENT IPC handler (v0.3.2) · #142

View advisory

NoeFabris/opencode-antigravity-auth

NoeFabris/opencode-antigravity-auth stars

Set 0600 permissions for credential storage

View advisory

More contributions coming soon!

CVEs

4 advisories

CVE-2026-1993

Privilege escalation in ExactMetrics <= 9.0.2

CVSS 8.8View advisory

CVE-2026-1992

Arbitrary plugin installation in ExactMetrics <= 9.0.2

CVSS 8.8View advisory

CVE-2026-1857

SSRF vulnerability in Kadence Blocks <= 3.6.1

CVSS 4.3View advisory

CVE-2026-2633

Unauthorized media upload in Kadence Blocks <= 3.6.1

CVSS 4.3View advisory

More CVEs coming soon!

Exploits

1 exploits

More exploits coming soon!

Thoughts & Writing

TryHackMe - Mr.Robot

TryHackMe - Mr.Robot

2025-11-058 min
TryHackMeWriteupWordPress
HTB - Artificial

HTB - Artificial

2025-10-2910 min
HTBWriteupRCE
AWS Security

AWS Security

2025-11-266 min
AWSSecurityIAM
Continue on HackPaper

crafted with purpose — @xeloxa