Hello, I'm

Kirtikumar Anandrao Ramchandani

A Browser and Kernel Security enthusiast

a little bit

About me

Welcome to my website. I am a PenTester and also a professional eSports player. I love to contribute to work on the Security of Open-Source Projects.

I have won Regional Qualifiers of World Cyber Games 2019 and later ranked 7th in Finals and Top 32 in the World. I go by the alias FaLcOn. Also, I am an intrigued practitioner of VA/PT, Competitive Programming and avid MUNning.

Currently, I am focusing on Browsers and Android Security.

some of my


Vulnerability Assessment

Penetration Testing

Web Development

Internet of Things

Android Development

iOS Development

some of my

  1. Book of Achievers
  2. UAceIt
  3. Fayz
  4. Security Affairs
  5. Security Affairs
  6. Bleeping Computer
  7. Meterpreter
  8. Everipedia

CVEs assigned to me:
  1. CVE-2017-17455 (Mahara - MiTM)
  2. CVE-2019-9709 (Mahara - XSS)
  3. CVE-2020-2545 (Oracle HTTP Server - Denial of Service)
  4. CVE-2020-17153 (Microsoft Edge Android- URL Spoofing)
  5. CVE-2020-27969 (Yandex Browser - Same-Origin-Policy Bypass & Address Bar Spoofing)
  6. CVE-2020-27970 (Yandex Browser Lite - Address Bar Spoofing)
  7. CVE-2021-23253 (Opera Mini for Android- Address Bar Spoofing)
  8. CVE-2021-24100 (Microsoft Edge for Android- Information Disclosure)
  9. CVE-2021-21187 (Google Chrome - International Domain Name Spoofing)
  10. CVE-2021-32078 (Out-Of-Bounds Read in Linux Kernel) Issue was found in collaboration with Patrick Walker (HomeSen)
  11. CVE-2021-25254 (Yandex Browser Lite - Address Bar Spoofing)
  12. CVE-2021-25255 (Yandex Browser Lite - Integer Overflow) Issue was found in colloration with Patrick Walker (HomeSen) and Christoph Diehl (posidron)
  13. CVE-2021-25262 (Yandex Browsers - IDN Homograph Attack)
  14. CVE-2021-30589 (Remote Factory Data Reset) Issue was found in colloration with Patrick Walker (HomeSen) and Eric Lawrence (ericlaw)
  15. Out-Of-Bounds Write in the Kernel of Android 12 and earlier. Vulnerability was found in colloration with Patrick Walker (HomeSen)
  16. Drag-n-Drop Navigation to Privileged URI (NTFS Corruption)- Yandex Browser (Fixed)
  17. Out-Of-Bounds Write to GPU memory- Google Chrome- Windows (Duplicate)
  18. Out-Of-Bounds Write (Heap-Use-After-Free)- Google Chrome
  19. CVE-2021-42308 Spoofing using Cast function of browser- Microsoft Edge (Chromium-based)
  20. SVE-2021-23944 (CVE-2022-22290): Incorrect UI in Downloads- Samsung Internet Browser (Chromium-based)
  21. CVE-2021-44748 (Universal Cross-Site Scripting Vulnerability in F-Secure SAFE Browser for Android)
  22. CVE-2021-44749 (Universal Cross-Site Scripting Vulnerability in F-Secure SAFE Browser Protection for Android)
  23. CVE-2022-22758 (Mozilla Firefox: Zero Click Factory Data Reset) Issue was found in colloration with Patrick Walker (HomeSen) and Eric Lawrence (ericlaw)
  24. CVE-2022-28868 (F-Secure SAFE: Address Bar Spoofing)
  25. CVE-2022-28869 (F-Secure SAFE: Address Bar Spoofing)
  26. CVE-2022-28870 (F-Secure SAFE: Address Bar Spoofing)

Honours and Awards:
  1. Paytm First Games Clash Royale Champion (National)
  2. Penetration Tester of the Year
  3. Model United Nations
  4. VIVO PUBGM Tournament Champion
  5. Youngest Tech-Savvy
  6. Online World Records
  7. World Cyber Games 2019 India's Representative

  1. CVE-2021–30589: Erasing a mobile phone with Chrome Zero-day
  2. TOR can leak your identity even if you try to hide it!
  3. CVE-2021-23253: URL Spoofing
  4. CVE-2021-25262: International Domain Name Homoglyph attack

find me here