Berk Dedekargınoğlu

Offensive Security Engineer | Vulnerability Researcher | 14+ CVEs | Building MentionCheck

Ankara, Türkiye

About

I focus on finding real-world vulnerabilities through source code analysis and offensive security research. My work involves identifying logic flaws, insecure implementations, and trust boundary violations in modern applications often leading to CVE assignments and coordinated disclosures. Beyond standard security assessments, I spend significant time reading code, understanding how systems fail under edge conditions, and turning those observations into practical security findings. I regularly publish technical write-ups about the vulnerabilities I discover, aiming to contribute to the broader application security community. Offensive security is not only about testing systems but understanding how they are built, and where they break. Beyond offensive research, I'm currently building MentionCheck, a real-time brand mention monitoring product that tracks keywords across social media, news, and forums with sentiment analysis and live dashboards. mentioncheck.com

Experience

  • Creator & Builder at MentionCheck
    Mar 2026 - Present · 5 mos

    Designed and built MentionCheck (mentioncheck.com), a real-time brand mention monitoring and sentiment analysis product built solo, end-to-end, from blank repo to live product accepting user registrations. The product continuously monitors mentions of tracked keywords across multiple social platforms, news sources, and forums, classifies sentiment in real time, and surfaces brand-level insights through dashboards covering mention trends, sentiment distribution, source breakdown, and live activity feeds. Backend: distributed scraping and ingestion pipeline handling multi-source mention collection at scale, with rate-limit-aware fetching - Sentiment analysis layer combining lightweight ML classification with LLM-based contextual scoring - Real-time dashboard (live mention trend, sentiment analysis, source distribution, per-keyword breakdowns) - Multi-tenant architecture with workspace isolation, subscription tiers, and auth/onboarding flows - Subscription and plan management integration

  • Independent Vulnerability Researcher at Freelance
    Nov 2025 - Present · 9 mos

    Conducting independent offensive security research on modern SaaS platforms, AI agent orchestration tools, and workflow automation systems. Reporting through coordinated disclosure. TLSMask - Open-source TLS fingerprint emulation proxy that replays any ClientHello (JA3/JA4) to bypass TLS-based bot protection (Cloudflare, Envoy). Lets tools like Burp Suite present a genuine client fingerprint instead of being silently flagged. FlowiseAI / Workday (7 CVEs): - CVE-2026-46441, 42863, 42862, 42861 - Mass Assignment chain across assistant, chatflow, tool, and variable update endpoints. Cross-workspace reassignment + tenant isolation bypass in multi-tenant deployments. - CVE-2026-41277 - Mass Assignment in DocumentStore creation enabling implicit UPSERT; cross-workspace object takeover (BOLA/IDOR) via primary key control. - CVE-2026-41267 - JSON injection in Flowise Cloud registration; unauthenticated attackers could associate accounts with existing organizations → privilege escalation. - CVE-2026-30823 - IDOR in FlowiseAI SSO configuration; low-privileged users could modify other organizations' OAuth configs, creating account takeover risk. n8n (4 CVEs): - CVE-2026-21893 - OS Command Injection in community package installer. - CVE-2025-68949 - IP whitelist bypass via partial string matching (IPv4 & IPv6). - CVE-2025-68697 - Sandbox escape in legacy JavaScript Code Node via internal helper functions. - CVE-2025-68668 - Sandbox bypass in Python Code Node (Pyodide) Typebot (2 CVEs): - CVE-2025-64709 - Critical SSRF (CVSS 9.6) → AWS IMDS v1/v2 access, IAM credential extraction, potential K8s/cloud compromise. - CVE-2025-64706 - IDOR in API token management; unauthorized access to other users' API keys. OpenClaw (1 CVE): - CVE-2026-24763 - Command injection in Docker sandbox via user-controlled environment variables. Patched in 2026.1.29.

  • Getir (4 yrs 2 mos)
    • Senior Offensive Security Engineer I
      Aug 2024 - Nov 2025 · 1 yr 4 mos

      • Conduct offensive security assessments on web and mobile applications, including source-code analysis, reverse engineering, and runtime instrumentation. • Develop internal red team tools and automation scripts to support penetration testing, phishing campaigns, and evasion techniques. • Build and maintain custom extensions , tools and payloads for advanced spoofing and traffic inspection scenarios. • Lead phishing simulation campaigns and security awareness initiatives to reduce social engineering risk. • Participate in incident response and forensics investigations, supporting threat analysis and containment activities. • Contribute to evaluation of third-party software security as part of the procurement and vendor risk process. • Collaborate with compliance and vulnerability management teams to align offensive insights with organizational risk posture. • Engage in continuous research on modern attack vectors, detection bypass techniques, and post-exploitation methods. Skills & Focus Areas: Penetration Testing · Reverse Engineering · Android Security · Web Application Security · Red Teaming · Incident Response · Tooling & Automation · Social Engineering

    • Offensive Security Engineer ll
      Sep 2023 - Aug 2024 · 1 yr

    • Offensive Security Engineer
      Dec 2021 - Sep 2023 · 1 yr 10 mos