kangali@ubuntu:~# ./whoami

KANG ALI

Vocation Security Researcher

Clearance Sinau ben ora Ketinggalan

Core Focus Threat Hunting,
Bug Hunting, AppSec

Network Connect

[ GitHub ] [ LinkedIn ] [ Twitter / X ] [ Instagram ] [ YouTube ]

cat sys_info.txt (click to execute)

# ./introduction.sh

"I break systems to understand how they work, and build tools to break them faster. With 15+ years navigating the space between system architecture and exploitation, my focus lies heavily on offensive security R&D, vulnerability discovery, and AI-driven tooling. I don't just study defenses; I stress-test them until the logic flaws expose themselves."

15+Years Exp

100+Projects

50+Trainings

10+CVEs

# ./personal_journey.log

[2023 - Now]Manager Cyber Security R&D@ Punggawa Cybersecurity
[2023]Senior Consultant – Threat Hunting@ ITSEC Asia
[2018 - 2023]Senior Penetration Tester@ Juke Solusi Teknologi
[2018]DevSecOps Engineer@ Tjakrabirawa Teknologi Indonesia
[2016 - 2017]Cyber Security Engineer@ Xirka Dama Persada
[2012 - 2015]R&D - Malware Analyst@ ID-SIRTII/CC

ls -la ./arsenal/ (click to execute)

DursGoDursGo is a web application security scanner designed for penetration testing and automated audits.

View Project →

Droid LLM HunterTool to scan for vulnerabilities in Android applications using Large Language Models (LLMs).

View Project →

DursVulnNSECustom Nmap NSE scripts for vulnerability detection and network security assessment.

View Project →

DursBurpBurp Suite extension that integrates the power of large language models (LLMs).

View Project →

PHP M-Shell 27.9A lightweight PHP utility for system administration and security testing purposes.

View Project →

AMOSAndroid Malware Operating System - A specialized environment for analyzing Android malware safely.

View Project →

WMTAWindows Malware Tools Analysis - A suite of tools for analyzing Windows-based malware.

View Project →

./view_engagements.sh (click to execute)

# PUBLIC SPEAKING & MEDIA

BlackHat ASIA 2026Present Arsenal Tools: DursGo (Go-based web vulnerability scanner).

[ SPEAKER ]

Idsecconf '25, '24, '22, '15Indonesia's premier cybersecurity conference.

[ SPEAKER ]

CNN InterviewExpert commentary on cybersecurity trends.

[ MEDIA EXPERT ]

Telkomsel Network DirectorateJourney Hacking security awareness program.

[ SPEAKER ]

Telkom UniversityGuest lecturer for advanced security courses.

[ GUEST LECTURER ]

Code Bali, Honeynet, BPJSTechnical workshops speaker and Hackathon Judge.

[ SPEAKER & JUDGE ]

# INSTRUCTOR / TRAINER

Malware Analysis@ Bareskrim Polri

Fundamental Pen-Testing@ BSSN

Basic Hacking and CTF@ BIN

Security Hacking Defence@ Ministry of Defence

Security Web Hacking@ Ditjen AHU

OWASP AppSec@ Kemenkeu

AppSec Verification@ Bank BNI

Certified Ethical Hacker (C|EH)@ EC-Council

tail -f /var/log/status (click to execute)

PacketStorm ArchiveA comprehensive collection of security tools, exploits, and advisories for research purposes.

Linked →

Exploit-DB ArchiveDatabase of public exploits and corresponding vulnerable software, organized for security professionals.

Linked →

CxsecuritySecurity vulnerability database with detailed analysis and mitigation strategies.

Linked →

CTF Problem SetterCreating challenging Capture The Flag problems for various cybersecurity competitions. (Cyber Jawara, CDC, Gemastik, KKSI, Etc.)

[ SYSTEM ACTIVE ]

./fetch_hall_of_fame.sh (click to execute)

# BUG BOUNTY - HALL OF FAME

Google Apple Microsoft Facebook Mozilla Safari Huawei Crypto Zoho Corp

# CVE DISCOVERIES

CVE-2010-5286Vendor: Joomla

View Details ↗

CVE-2022-46828Vendor: Jetbrains

View Details ↗

CVE-2022-27180Vendor: Intel

View Details ↗

CVE-2023-25182Vendor: Intel

View Details ↗

CVE-2023-4901Vendor: Google Chrome

View Details ↗

CVE-2024-10465Vendor: Mozilla Firefox

View Details ↗

CVE-2024-11698Vendor: Mozilla Firefox

View Details ↗

CVE-2025-6434Vendor: Mozilla Firefox

View Details ↗

CVE-2025-10530Vendor: Mozilla Firefox

View Details ↗

CVE-2025-11718Vendor: Mozilla Firefox

View Details ↗

CVE-2025-11713Vendor: Mozilla Firefox

View Details ↗

./verify_certs.sh (click to execute)

Certified EC-Council InstructorIssuer: EC-Council

[ VALIDATED ]

Certified Ethical HackerIssuer: EC-Council

[ VALIDATED ]

Certified Secure Computer User v2Issuer: EC-Council

[ VALIDATED ]

CCNA Routing and SwitchingIssuer: Cisco

[ VALIDATED ]

Certified Practical Malware AnalysisIssuer: TCM Security

[ VALIDATED ]

Certified Practical Ethical HackingIssuer: TCM Security

[ VALIDATED ]

./community_involvement.sh (click to execute)

# FOUNDER

Exploit-ID A community-driven platform for Indonesian security researchers to share knowledge and collaborate on vulnerability research.

[ ACTIVE ]

# BUG HUNTER PLATFORMS

HackerOne YesWeHack Bugcrowd Browser

# STAFF / MEMBER / CREW

Indonesian Hacker Hacker Newbie Devilzc0de Indonesian Coder Explore Crew

curl -sL https://medium.com/@roomkangali (click to execute)

Medium Publication Read my latest write-ups, vulnerability research, and cybersecurity thoughts on Medium.

Visit Blog ↗

[SYSTEM] waiting for remote connections...