Suphawith Phusanbai
A self-taught penetration tester who likes to hunt bugs alone!
Hunting vulnerabilities in Fortune 500 companies and gaming softwares.
I focus on desktop application security, Windows vulnerability research, and reverse engineering. I usually perform penetration testing for Tier 1 banks in Thailand, with additional hands-on experience in AI and agentic penetration testing. I also enjoy adversary simulation and developing custom malware for red team operations! I also enjoy weight lifting!
Curiosity drives everything I do. I usually start with questioning the issue, making an assumption, finding the root cause, articulating attack possibilities, and then exploiting it. The least favorite thing for me is doing repetitive tasks such as compliance pentesting checklists.
Read My Security Research Blog
From vulnerability discovery to exploitation — practical write-ups based on real-world targets.
Corporation & Government
Microsoft
Power Automate Desktop
HP
HyperX NGENUITY
Sony
Music Center for PC
Electronic Arts
Dragon Age: Origins Updater
Razer
Razer Firmware Updater
ThaiCERT
Government Website
TomTom
API and SDK services
AON
Web application
Open Source Software
These are OSS maintainers I reported vulnerabilities to and communicated with through GitHub issues and email.
Public Advisories & Exploits
Achievements
Women Thailand Cyber Top Talent 2024 Creator
Web App Category (Junior & Open Challenge Labs)