offensive security · vulnerability research

Vulnerability research with real-world impact.

I'm Matthew Zamat — an application security manager and offensive security professional. I find and exploit critical flaws in web, API, and mobile targets, with 300+ accepted vulnerabilities and P1 criticals on some of the most hardened programs in the industry.

300+ accepted bugs
P1 criticals · hardened targets
OSCP + CRTO certified
Top 10 monthly researcher

Technical skills

Penetration Testing & Red Teaming

Internal/external network pentesting and red team engagements — phishing assessments, adversary simulation, and custom payload development.

Cobalt Strike · Metasploit · Burp Suite Pro · Nmap

Web & API Security

Deep expertise in web and API vulnerability discovery. 300+ accepted bugs with P1 criticals on hardened targets — focused on access control and authentication flaws.

OWASP Top 10 · API Testing · Auth Bypass · IDOR / BOLA

Application Security & Code Review

Secure code review across Java, Python, and JavaScript. SAST/DAST/SCA integration into CI/CD pipelines — shifting security left in the SDLC.

SAST · DAST · SCA · Java / Python

Reverse Engineering

Static and dynamic analysis of iOS, macOS, and Android applications — identifying hardcoded secrets, weak crypto, and hidden functionality.

Ghidra · IDA Pro · Frida · iOS / Android

Security Tooling & Automation

Building custom scripts, scanners, and payloads for assessments — automating reconnaissance, vulnerability scanning, and exploitation workflows.

Python · Bash · Nessus · Custom Tooling

Compliance & Frameworks

Mapping findings to MITRE ATT&CK, OWASP, and CWE — supporting compliance efforts aligned with FISMA and NIST 800 series standards.

MITRE ATT&CK · NIST 800 · FISMA · CWE

Where I've worked


Aug 2025 — Present

Application Security Manager

OnDefend — District of Columbia

  • Perform advanced web and mobile application penetration tests, simulating real-world adversarial techniques to identify and validate vulnerabilities
  • Conduct secure code reviews in Java, Python, and JavaScript applications, uncovering logic flaws and insecure patterns early in the SDLC
  • Integrate and operate SAST, DAST, and SCA tooling within CI/CD pipelines to automate detection of security defects
  • Map findings to adversarial tradecraft frameworks (MITRE ATT&CK, OWASP Top 10, CWE) to provide actionable remediation guidance

Jan 2025 — Aug 2025

Offensive Cyber Operator

SIXGEN — Arlington

  • Performed internal and external penetration testing to identify vulnerabilities and recommend mitigation strategies across externally exposed networks
  • Conducted phishing assessments and vulnerability risk assessments, simulating adversary behavior to evaluate organizational resilience
  • Utilized advanced offensive tools including Cobalt Strike, Metasploit, Burp Suite, PowerSploit, and Nmap to conduct red team engagements
  • Supported compliance efforts aligned with FISMA and NIST 800 series standards

Jan 2023 — Jan 2025

Red Team Penetration Tester

Synack

  • Conducted comprehensive security audits and penetration tests for web applications and source code review
  • Executed intricate security tests using cutting-edge tooling and custom scripts
  • Collaborated with researchers and penetration testers; engaged in and led peer review
  • Used Burp Suite Pro, Nessus, Acunetix, Postman, and SoapUI daily

Jun 2019 — Present

Security Researcher

Bugcrowd / HackerOne

  • 300+ accepted vulnerabilities, many Critical or High severity
  • Reported and rewarded for multiple P1 Critical vulnerabilities on hardened programs such as Square, Cash App, and FIS
  • Consistently ranked in the Top 10 researchers on a monthly basis

Certifications

  • OSCP · Offensive Security
  • CRTO · Zero-Point Security

Education

  • B.S. Neurophysiology · University of Maryland, College Park — 2019

Languages

  • English · Native speaker
  • Arabic · Native speaker
  • French · Highly proficient

Latest from the blog

Technical deep-dives on the vulnerabilities I find — how they work, how I found them, and how to fix them.
