Marius du Preez. Full-time mobile security researcher specializing in Android & iOS. 8 years in cloud infrastructure and tech, followed by 9+ years running my own businesses. That combination means I find the vulnerabilities your pentest missed.
Last updated: March 2026
Most hunters stick to web. I reverse engineer APKs and IPAs to find hardcoded secrets, broken deep link handlers, and unsandboxed WebView bridges that scanners and web-only testers never see.
8 years in cloud migrations, VM migrations, and managing production infrastructure. I understand how backends are put together, from IAM policies to API gateways, and where the assumptions break down.
9+ years running my own businesses, managing $10k/day ad spend, and understanding how products and payment flows actually work. I find logic flaws like race conditions, privilege escalations, and payment bypasses. Not just technical bugs.
Three chained flaws in a crypto exchange's Android app gave full account access from a single tap.
CriticalDeterministic encryption + exported activity. Forged push steals session tokens with zero user interaction.
CriticalAES key from iOS binary decrypts 10 API secrets. Forged Apple Wallet passes for any customer across 8 countries.
Vulnerability research across public and private programs on Android & iOS. 63 reports, 23 critical findings, specializing in deep links, WebViews, and business logic.
AI-powered SEO content platform. Clients averaged 340% traffic growth in 90 days, with 85% of articles ranking top 10 within 6 months.
DeFi trading tools with the fastest and most accurate charting data. Grew to 3,000+ daily organic visitors.
Mortgage broker lead generation. Managed $10k/day in ad spend with profitable unit economics across Google and Meta.
8 years in cloud migrations, VM migrations, and managed service consulting. The foundation that makes understanding backend vulnerabilities second nature.
Available for private bug bounty programs, mobile app penetration testing, and security consulting.