AppSec engineer reviewing browser extension wallets and mobile apps for injection points, phishing vectors, and signer safety.
Skills:
-
Mobile + Extension AppSec
-
DOM Injection Testing
-
Signer Approval Logic Review
-
WebAuthn/SSO Integration Testing
Experience:
-
Reviewed mobile + browser wallets across EVM, Cosmos, and Solana
-
Worked closely with QA and design teams to secure signer UX
Achievements:
-
Prevented signer injection via malicious dApp link
-
Reduced approval spoof incidents through modal redesign
-
Hardened extension script permissions