Tengku Arya Saputra
Cyber Security Analyst & Penetration Tester
Specializing in web application security, API audits, vulnerability hunting, and Red Team operations. Developer of light automation scripts and security utilities.
About Me
Hello! I am a security engineer and penetration tester based in Jakarta. I am currently studying Informatics Engineering at Esa Unggul University, focusing on computer networks, systems infrastructure, and data structures.
As a researcher, I specialize in web endpoint analysis, API security validation, and automated exploit research. Under the alias AryaSec1337, I develop customized scripts and contribute to defensive and offensive tool suites for security auditing.
I am also an active member and developer for Dark Clown Security, collaborating on open-source utilities and writing scripts to identify misconfigurations like Cross-Origin Resource Sharing (CORS) leaks, credential bypasses, and validation loopholes.
Security & Dev Skills
Penetration Testing
Auditing web applications, checking authorization controls, enumerating API endpoints, and assessing security postures against common vulnerability lists (OWASP Top 10).
API Security & Auditing
Specialized in investigating REST and GraphQL structures. Expert at analyzing query parameters, bypassing weak rate limits, and checking CORS policies for exposure.
Security Automation
Writing scripts in Bash, Python, and JavaScript/Node.js to automate credential sprays, scan headers, scrape target metadata, and run verification routines.
Featured Security Tools
GlowQL
A developer utility designed to clean up, format, and execute GraphQL queries. Instantly structures query lines, supports parentheses indentation, parses raw HTTP requests, extracts operation names, and plays requests directly from the dashboard.
query UserDetails {
reviewer(id: $id) {
firstName
email
}
}CORSpect
A specialized security tool built to audit CORS configurations. Automates origin reflection, credential validation, and wildcard auditing to prevent unauthorized data exposure.
larapush
A developer push and deployment helper for Laravel. Simplifies pushing code updates, running remote migrations, and automating routine deployment operations.
Ragnarok Tools
A collaborative open-source toolkit providing a collection of automated helper scripts and console utilities for security testing and system management.
SPAMMER-OTP
A testing utility to evaluate rate limiting and verification bypasses on SMS and OTP gateways. Helps developers audit verification endpoint resilience.
Get In Touch
Interested in collaborating, auditing APIs, or discussing tool development? Drop me a message.