Independent security researcher specializing in manual source code auditing across low-level systems: blockchain VMs, cryptographic libraries, embedded engines, and infrastructure platforms. No automated scanners. Every finding comes from reading code line by line in containerized environments.
Currently working on AI training data systems for frontier model development and conducting security research across multiple bug bounty programs.
Found an integer overflow in a widely-used monitoring platform's C source through manual auditing in Docker. Wrote a working PoC demonstrating the crash. CVE assigned.
Analyzed a blockchain VM allocator for resource limit bypass. Identified state rollback inconsistencies in mempool block construction that could cause invalid block production.
Audited transfer verification logic in a DeFi protocol SDK. Identified missing validation of leaf values, refund outputs, and timelocks during transfer receipt.
Built coding task specs, test suites, and QA for training frontier AI models through RL. Created automated tooling for identifying high-complexity commits and calibrating task difficulty.
Tool to extract and back up iMessages/SMS from iTunes backups into CSV. Modular architecture with full documentation, UI, and installer supporting large backups.
VMware ESXi servers, pfSense firewall, network monitoring, cloud deployment with AWS and Terraform. CI/CD pipelines via GitLab. Simulated ransomware recovery drills.
Independently discovered and responsibly disclosed vulnerabilities in production systems.
Systematic methodology for auditing open source repos with Q0/Q1/Q2 quality gates: clone, containerize, trace execution paths, identify logic bugs, write PoCs, provide fixes.
