About

Hey there! I’m k4nnix, an aspiring Security Engineer.

Right now, the name “k4nnix” (a play on the German phrase “kann nix”, meaning “can’t do anything”) feels a bit too accurate — but I’m working on changing that!

Okay, to be fair, it’s not like I can’t do anything. I’m actually a Software Engineer with nearly a decade of experience, mostly in web development. I’ve worked extensively with PHP, Node.js, and a bit of frontend.

Like many developers with that background, I’ve run into security concerns — XSS, SQL injection, CSRF, remote code execution, path traversal — you name it. But usually, we just try to avoid introducing these vulnerabilities, leaving the deep digging to security testers later on. That mindset never sat right with me. I even suggested to my manager that we test our applications internally before handing them off, but I got a “not your job” kind of response.

So I decided to take things into my own hands. I’m diving deep into security and aiming to eventually transition into the field full-time. This blog is where I’ll document that journey — with writeups, original payloads, and whatever else I come across.

Thanks for stopping by!

– k4nnix