I’m an independent security researcher with industry experience in penetration testing, cyber risk consulting, and software engineering. On my website I highlight recent vulnerability disclosures or proof of concept exploits, and blog about Capture the Flag competitions and Bug Bounty.
|05/2021||MonkeyType.com - Stored Cross-Site Scripting (XSS) via Tribe Chat||MonkeyType||N/A||N/A|
|05/2021||PHP Timeclock 1.04 - 'Multiple' Cross Site Scripting (XSS)||PHP Timeclock||N/A||N/A|
|05/2021||PHP Timeclock 1.04 - Time and Boolean Based Blind SQL Injection||PHP Timeclock||N/A||N/A|
|05/2021||MonkeyType.com - Cross Site Scripting (XSS) via Word History||MonkeyType||N/A||N/A|
|04/2021||Blockfi - Undisclosed Vulnerability||BlockFi||$1,000||N/A|
|10/2020||TimeClock Software 1.01 0(Authenticated) Time-Based SQL Injection||Timeclock||N/A||N/A|
|03/2020||Hinge - Modification of Assumed Immutable Data (M.A.I.D)||Hinge||$250||N/A|
Below is a short list of articles and research papers I've published. For more information or to read the full article, click the linked icons below.
Below is a short overview of courses I've help teach as an undergrad at The Pennsylvania State University.
CRIM 100 Introduction to The American Justice System1/08/2016 - 06/30/2016
I assisted Professor Lecinda M. Yevchak in the Department of Sociology and Criminology in grading student papers and assisting students on the capstone project.DEPARTMENT OF SOCIOLOGY AND CRIMINOLOGY
As a passionate open source developer, I spent much of my time writting and reviewing code. Below is a couple projects I am currently hacking on. If you're interested in the full list of projects I'm contributing to, please see my GitHub