Who am I.

Hello, I’m Martin Hermens, known as bl4ckh4ck5 within cybersecurity circles.
Based in Almere, The Netherlands, I am a security professional with a deep-rooted focus on ethical hacking, penetration testing, and zero-trust architecture.
My career spans years of hands-on experience in identifying critical vulnerabilities, implementing advanced security measures, and collaborating with organizations to strengthen their digital defenses.
Each project, partnership, and vulnerability I uncover is part of my commitment to enhancing global cybersecurity standards.



Professional Journey


My journey in IT began early, and I quickly established a reputation for meticulous attention to detail and innovative defense strategies.
Over the years, I have contributed to several high-profile organizations as an external security consultant and penetration tester.
In each role, my responsibilities ranged from performing thorough assessments of network and system vulnerabilities to advising on proactive security measures.

I specialize in areas like network infrastructure analysis, web application security, cloud environment hardening, and mobile application security.
My expertise in complex, multi-layered security infrastructures has allowed me to provide comprehensive solutions that are tailored to meet stringent industry standards.
These experiences have equipped me with a wide array of skills to handle even the most sophisticated security challenges.



Key Achievements


Published CVEs: My work in vulnerability research has led to the publication of several high-impact CVEs, showcasing my ability to identify and responsibly disclose critical security flaws.
Some examples include:
CVE-2021-28940: Command Injection vulnerability in MagpieRSS
CVE-2020-10567: Remote Code Execution in ResponsiveFilemanager
CVE-2019-17130: Internal SSRF vulnerability in vBulletin
View the complete list on my Hall of Fame and CVEs page.

Hall of Fame Recognitions: My contributions to cybersecurity have been recognized in the Hall of Fame of various organizations, including Hostinger and KPN.
See more details on my Hall of Fame page.

Bug Bounty Platforms: I am an active member of platforms like Bugcrowd and HackerOne, where I work to identify and responsibly disclose vulnerabilities across digital landscapes.



Featured Projects


Internal SSRF Mitigation: Developed a unique patch to address SSRF vulnerabilities, preventing unauthorized internal network access.
Complex Social Engineering: Designed and executed targeted phishing and social engineering campaigns to test and strengthen organizational defenses.



Commitment to Privacy & Ethical Standards


My work is grounded in a strict commitment to ethical standards.
I emphasize transparency, secure data handling, and compliance with regulations like GDPR.
In personal projects, I prioritize Android for its open-source adaptability, allowing advanced security configurations suited to my rigorous standards.



Publications & Media Mentions


I’ve been featured in industry publications and news articles, including AD.nl and LinkedIn, highlighting my contributions to cybersecurity.
My insights and experiences have been shared in a podcast episode, providing a deep dive into my motivations and career path.



Connect with Me


To learn more about my projects or get in touch, feel free to visit my profiles or website:
Website: Hackoclipse
Twitter: @bl4ckh4ck5
Bugcrowd: bl4ckh4ck5
HackerOne: bl4ckh4ck5

2024 Hackoclipse

KvK-nr.: 69383944