Welcome to Thomas Stacey’s (aka “t0xodile”) personal blog. Here you’ll find content about my adventures in penetration testing and security research, with a heavy focus on web application security. If you have any questions or comments, please feel free to reach out to one of my socials.

I am a penetration tester, security researcher and full-time Lego enthusiast. Most of my time is spent hacking web applications with the slightly misguided hope of running into interesting behaviour that I can use as a research lead. Outside of regular testing work, I spend a lot of time following up on said leads and attempting novel research with the goal of presenting at a conference.