About Me

Hi, I'm Evan McMahon. I'm a security researcher and web developer who writes about vulnerabilities, defensive strategies, and security research. I believe in being transparent about who I am and how I got here.

I wasn't always on the right side of cybersecurity. In my late teens and early twenties, I made some serious mistakes that hurt people. I got involved in activities that compromised other people's accounts and privacy. What started as technical curiosity evolved into something that caused real harm.

I told myself it was just about the technical challenge, but that was just me avoiding responsibility for the damage I was causing. Real people were being affected by my actions. Eventually, I was forced to confront what I'd done and who I wanted to be. I realized I could use that same technical understanding to help people instead of hurting them. The skills that got me into trouble could be redirected toward making systems more secure.

I took responsibility for my actions, accepted the consequences, and committed to using my experience to help build better defenses against the kinds of attacks I once carried out.

Today, I work as both a security researcher and web developer. I use my understanding of attack techniques to help defend against them, and I know how these systems work because I've built them from both sides. This perspective helps me identify vulnerabilities that others might miss and build more secure applications.

I specialize in white box code security audits, particularly for PHP applications, where I can examine the source code directly to identify security flaws. I also focus on vulnerability research around authentication systems, credential handling, and automated attack vectors. Every vulnerability I find gets responsibly disclosed through proper channels, and I work on web development projects helping organizations build secure systems from the ground up.

I write about my past because I think context matters when discussing security. Through Securized, I share research and insights about attack techniques and defenses based on experience from both sides.