| About | me |
|---|---|
| Name | Erik Walther |
| Languages | Python, JavaScript, SQL |
| VPS | Fedora, Debian @ Hetzner |
| Study | Programming: Boot.dev, Security: Hack The Box |
| Focus | Open Source Software, Privacy, Search-Engine Optimization |
A plain HTML page tells a crawler: here is some text. A well-structured page with semantic markup tells it something far more useful: here is a write-up, authored by this person, published on this date, part of this learning resource, …
Let's start with the numbers, because they're the point. Running the site through Google's PageSpeed Insights confirms what the architecture was designed to achieve, every metric lands in the "good" range and two of them hit the absolute floor:
Most portfolio SEO advice focuses on what your site says. This post is about who your site says you are.
There's a distinction worth making early. Content signals like keywords, meta descriptions and heading structure tell crawlers what a …
Most "privacy-focused" websites stop at removing Google Analytics. That's a start, but tracking happens at every layer of the stack; the domain registrar, the hosting provider, the reverse proxy and the framework. Building something that genuinely minimises data collection means …
I'm currently building my foundational hacking skills through the Hack The Box curriculum, working toward the level needed to qualify for bug bounty programs. This training gives me hands-on experience with core concepts like:
These are the essentials of any security researcher's toolkit.
Qualifying for bug bounty programs is a milestone, not a destination. Application security is vast and moves fast:
Closing the gap between theory and real-world research takes more than finishing a curriculum, it takes continuous learning and extensive practice against live targets.
This is exactly where I want to bring together what I've learned at Boot.dev and what I'm practicing on Hack The Box. The programming foundation I'm building, Python for automation, JavaScript for client-side analysis and SQL for injection work, isn't separate from my hacking training. It's the bridge. Custom tooling, scripted enumeration, and the ability to read and exploit source code are what turn guided exercises into real-world capability. Applying boot.dev's programming curriculum directly to Hack The Box challenges and live bug bounty targets is how I move from following walkthroughs to thinking and operating independently.
Competing as a security researcher means going beyond guided exercises and known techniques. It means developing:
That's the standard I'm working toward, and I'm committed to putting in the time and effort to get there.
I'm currently deepening my core programming expertise through the Boot.dev curriculum, with a strong emphasis on mastering:
| Language | Primary Application |
|---|---|
| Python | Custom reconnaissance scripts, API aggregation, security utility prototyping |
| JavaScript | Client-side vulnerability analysis, XSS payloads, prototype pollution |
| SQL | Injection flaw identification and exploitation |
These three languages form the backbone of modern security tooling. My goal is to translate theoretical knowledge into practical automation and exploitation skills specifically tailored for bug bounty hunting.
By building a robust foundation across these languages, I aim to move beyond relying solely on existing tools and toward developing bespoke scripts that:
The end goal isn't just finding bugs, it's building the skill set to find them faster and more reliably than the competition.
PrivacyPal is more than a high-performance, non-exit Tor relay. It is a commitment to strengthening the Tor network in an increasingly surveilled world.
This project acts as my open ledger, detailing every decision, challenge, and triumph:
Nothing is hidden. I believe true privacy infrastructure relies on trust and shared knowledge. By documenting the entire process, I aim to inspire and guide fellow advocates in building a more private internet. Through radical transparency, we collectively strengthen our defenses against intrusive monitoring.
This portfolio is self-hosted and maintained by me. It serves as my personal testing ground where I apply theoretical knowledge directly in practice, with a strong focus on security hardening and advanced Python development. I deliberately chose Django to challenge myself with a production-ready framework, building not only a secure architecture but also ensuring a robust and well-designed user experience.
Beyond technical security measures, I have also integrated a detailed SEO strategy. I ensure the content is not only secure but also well-indexed and understandable for crawlers. This creates a balance between maximum privacy and security on the backend, and optimal visibility on the frontend.