mert tasci

attack developer @picussecurity
bug hunter @bugcrowd
computer engineering graduate


social accounts

who am i?

hi! my name is mert.

i'm interested in cyber security (web & mobile application security, api security, source code review) and software development as amateur. sometimes i write something at the

i'm developing myself on malware researching and threat analysis at picus security. i love bug bounty (i spend most of my free time on bug bounty at bugcrowd), music, watching animes, minimalist design (minimalism is a philosophy of life for me) and some computer games etc. so i hate sleeping. these things motivate me.

also, i love people who have low ego(!)

i challenge you on table tennis!

pentest statics

i took part many application penetration test projects in my old job. many of them are web application projects. also i tested mobile applications (android & ios) and web services.
i usually did source code analysis (in other words; code review.) for .net, php, android and ios applications.
with numbers

  12 banks
  4 universities
  13 ecommerces
  48 others


this repo contains required files for web application pentest.
the javascript file creates a pop-up for your xss poc.
this script creates a csrf poc form to any http request.

my anime list

1. steins;gate (シュタインズ・ゲート)
2. death note (デスノート)
3. swart art online (ソードアート・オンライン)
4. mushi-shi (蟲師)
5. another (アナザー)
6. (アルドノア・ゼロ)
7. no game no life (ノーゲーム・ノーライフ)
8. elfen lied (エルフェンリート)
9. byousoku 5 centimeter (秒速5センチメートル)
10. aku no hana (惡の華)

designed by mert. - wow such a great job (!) i can cry..