Smart Contract Exploits
Reentrancy, oracle manipulation, signature replay, proxy flaws, precision loss, governance attacks, and economic exploit chains.
Cyber Security Firm
Kistsune Cyber Security
Elite vulnerability research for Web3 protocols, AI platforms, and high-value internet infrastructure.
We specialize in finding critical bugs before attackers do — smart contract exploits, access-control failures, economic attacks, platform vulnerabilities, and logic flaws that automated scanners miss.
Responsible Disclosure
Smart Contract Security
AI Platform Research
Bug Bounty Operations
Critical Vulnerability Analysis
Experience
Research Experience Across High-Value Targets
Security research across programs and platforms involving Netflix, xAI, Chia Network, and other verified organizations.
Netflix
xAI
Chia Network
Web3 Protocols
AI Platforms
Infrastructure Targets
Bug Bounty Programs
References indicate security research experience across public or authorized programs and do not imply endorsement, partnership, or affiliation.
Capabilities
What We Hunt
Kistsune focuses on vulnerabilities that matter: exploitable paths, economic impact, broken trust assumptions, and proof strong enough to survive adversarial review.
Web3 Economic Security
Flash loan modeling, MEV vectors, liquidity attacks, collateral manipulation, invariant failures, and protocol-level risk.
Platform Vulnerability Research
Access-control bypasses, exposed internal endpoints, auth drift, IDORs, state-changing unauthenticated actions, and business logic flaws.
AI / LLM Security
Prompt injection surfaces, model-integrated workflows, data exposure, tool-abuse paths, and agentic system risk.
Bug Bounty Operations
Scope analysis, target prioritization, exploit validation, evidence packaging, and submission-ready reporting.
Final QC & Reporting
Every finding is validated with reproducible evidence, impact analysis, clean proof-of-concept material, and remediation guidance.
Research Philosophy
Evidence Over Noise
Most security work fails because it stops at suspicion. Kistsune pushes findings through proof, impact, reproducibility, and adversarial review before anything is treated as real.
Every candidate must have a concrete exploit path, not just theoretical weakness.
Findings are framed around business, protocol, financial, or platform risk.
Reports are built to help teams reproduce, validate, and remediate quickly.
Founder & CEO
Jimmy Dinh
Founder & CEO, Kistsune Cyber Security
Jimmy Dinh leads Kistsune Cyber Security with a focus on high-impact vulnerability research, responsible disclosure, and revenue-driven security operations. Kistsune’s work is built around one standard: findings must be real, reproducible, and worth submitting.
Founder-led research firm
Focused on high-impact vulnerabilities
Web3, AI, and platform security
Evidence-first reporting
Process
From Attack Surface to Submission-Ready Evidence
Scope Intelligence
We map programs, assets, contracts, endpoints, permissions, and exposed trust boundaries.
Candidate Discovery
We identify unusual state transitions, logic flaws, economic paths, and security assumptions worth testing.
Exploit Validation
We reduce noise by building evidence, reproductions, traces, and proof-of-concept material.
Impact Framing
We translate technical behavior into concrete platform, protocol, financial, or user risk.
Responsible Reporting
We package findings clearly for triage, remediation, and responsible disclosure.
Research
Research Built for Adversarial Review
Kistsune treats every finding like it will be challenged. The work is refined until the evidence, exploitability, and impact can stand on their own.
- Reproducible test cases
- Minimal proof-of-concepts
- Attack-path diagrams
- Impact analysis
- Remediation notes
- Submission-ready reports
Contact
Need sharper security research?
For serious reviews, high-value targets, Web3 protocols, AI platforms, or responsible disclosure support, request a private security review.