An experienced developer and IT professional with a deep passion for information security. Bringing 5 years of experience administering security on endpoints, servers, cloud systems, email systems, and web applications. A self-starter and quick learner, with a track record of effective communication with executives, users, and vendors. Ready to grow professionally and be part of something bigger.
Vulnerability Portfolio
Authentication Bypass | P1 - CRITICAL | Web | TaxCloud | YES | NO | YES
Authentication Bypass | P3 - MEDIUM | Desktop | Bitdefender | YES | NO | NO
Unrestricted File Upload | P3 - MEDIUM | Web | Fancy Product Designer | NO | NO | NO
Stored XSS via SVG Upload | P2 - HIGH | Web | Fancy Product Designer | YES | NO | YES
Sensitive Information Disclosure | P3 - MEDIUM | Web, Desktop | Bitdefender | YES | NO | NO
Authentication Bypass | P2 - HIGH | Desktop | Malwarebytes | YES | NO | YES
Authentication Bypass | P4 - LOW | Mobile | Bitdefender | YES | YES | YES
Application-level DOS | P3 - MEDIUM | Web | Bitdefender | YES | NO | YES
Reflected XSS | P4 - LOW | Web | IBM | N/A | N/A | N/A
Development Portfolio
Frequency Distribution Calculator
About: Frequency Distribution Calculator is a tool to help you calculate and analyze word and character frequency distribution in text.
Technologies: TypeScript, Stardust, SCSS, NPM, Git, AWS
About: Stardust is what my apps are made of. A web application framework comprised of a small JavaScript and CSS library with no production dependencies and a build system. The JavaScript library (and application code by default) is TypeScript and compiles back to ES5 for compatibility with Internet Explorer 11. A dark and light theme are provided using SCSS for the Stardust UI and a separate theme for application SCSS.
Technologies: TypeScript, SCSS, NPM, Git
ExpressRAIL Assistant
About: ExpressRAIL Assistant was deployed to retail floors and resellers' websites and facilitated the ordering of one of the company's railing systems. After generating a list of needed parts, the list and the customer's drawing could be emailed to the customer. This feature added significant security concerns, since it rendered user-generated HTML, converted it to a PDF, and emailed it to a given email address. To better secure this feature, the backend service was restricted such that it would only communicate with the app's frontend service, a keyword filter was put in place to prevent the app from parsing unexpected HTML, and rate limiting was put in place to prevent the backend service from being abused as a spam gateway.
Technologies: JavaScript, CSS, PHP, EC2, wkhtmltopdf, Git