About

My name is Frédéric ADAM, I work as a Web2 Security Expert in the daytime, and I do Web3 Bug Bounty on the side.
I focus my Web3 research on Blockchain infrastructure, especially Denial of Service issues.
If you want to contact me, since I do not use Social Media, the easiest is to send an email.

Work

All my recent work can be found on the MevSec blog, in particular the articles below:

• 2023-10-24 : Taking down Wormhole’s CCQ service through REST API
• 2023-10-15 : CVE-2023-42319 : Geth - DoS through GraphQL

Achievements

Web3

• Presence in the Top100 Immunefi leaderboard (MevSec_fadam) in 2023, 2024
• Contributing to MevSec blog

Web2

• Hackerone (inactive) : 17 valid vulnerabilities during the year 2020
• Google Hall of Fame (October 2020, inactive)
• Microsoft Hall of Fame (May 2020, inactive)
• CVE-2020-26248
• Offensive Security Web Expert

Experience

• 5 years as Web2 pentester, focused primarily on Web applications
• 1 year as Web3 auditor, auditing Solidity mostly
• 1 year as Security engineer, working on Firewall, DNS, Reverse-Proxy…
• 2 years as Web Infrastructure/Security engineer, worked on CDN, DNS, Web servers, CI/CD…