String.fromCharCode(0x44) + atob("ZXJpbiBFcnlpbG1heg==");

Derin Eryılmaz

My job
None! I'm a student living in the US.
My Chromium security research
I've filed dozens of bug reports for the Chromium; My research is mostly focused on Chrome extension APIs and runtime.
My best find is an InfoLeak + XSS that allows Chrome Extensions to edit local files on ChromeOS and run commands in its Linux container. The writeup can be found on my blog.
I currently stand at around 180th on the Google Hall of Fame, which sounds a lot more impressive than it actually is.
Times I've been mentioned by Google:
My third-party security research
My Chrome extension research includes third-party extensions on the Web Store.
I've found four XSS bugs in extensions that allow for full information leakage and cross-site-scripting (UXSS) within Chrome.
These bugs were responsibly disclosed to the respective extension developers.
My future security research
I started learning C++ in the summer of 2023. Once I get more familiar with reading it, I hope to better understand the "big picture" of Chromium and find better bugs.