Karuppiah Sabari Kumar

Hey, I’m Sabari

I go by 0xsabre online. I work as a Penetration Tester, which basically means I spend my days trying to break into web applications and APIs to find security issues before the bad guys do.

Most of my testing is black-box or grey-box - I’m looking at things from the outside or with limited access, trying to find real vulnerabilities that actually matter. What I really enjoy is digging into how an application behaves, following the request flows, and questioning the assumptions developers made. A lot of interesting bugs hide in the logic flaws and trust boundaries that weren’t thought through completely.

I’m big on manual testing and actually verifying stuff works. Anyone can run a scanner, but I want to understand why something breaks and make sure the findings I report are clear, reproducible, and actually useful.

Lately, I’ve been getting into mobile app security and cloud security too. Still learning, still testing things out, building up my skills through hands-on work and experimentation.

I’ve also done some vulnerability research and responsible disclosure - even got a few CVEs assigned, which was pretty cool. At the end of the day, I just love pulling systems apart to see how they tick… and where they don’t.

This site is basically my notebook. I keep my research threads here, write down things I’m learning, and share stuff that might help someone else who’s figuring this out too. If you find something useful, that’s awesome.