About
An experienced developer and IT professional with a deep passion for information security. Bringing 5 years of experience administering security on endpoints, servers, cloud systems, email systems, and web applications. A self-starter and quick learner, with a track record of effective communication with executives, users, and vendors. Ready to grow professionally and be part of something bigger.
Vulnerability Portfolio
| TYPE | IMPACT | TARGET CLASS | VENDOR | ACCEPTED | DUPLICATE | FIXED |
|---|---|---|---|---|---|---|
| Authentication Bypass | P1 - CRITICAL | Web | TaxCloud | YES | NO | YES |
| Authentication Bypass | P3 - MEDIUM | Desktop | Bitdefender | YES | NO | NO |
| Unrestricted File Upload | P3 - MEDIUM | Web | Fancy Product Designer | NO | NO | NO |
| Stored XSS via SVG Upload | P2 - HIGH | Web | Fancy Product Designer | YES | NO | YES |
| Sensitive Information Disclosure | P3 - MEDIUM | Web, Desktop | Bitdefender | YES | NO | NO |
| Authentication Bypass | P2 - HIGH | Desktop | Malwarebytes | YES | NO | YES |
| Authentication Bypass | P4 - LOW | Mobile | Bitdefender | YES | YES | YES |
| Application-level DOS | P3 - MEDIUM | Web | Bitdefender | YES | NO | YES |
| Reflected XSS | P4 - LOW | Web | IBM | N/A | N/A | N/A |
Development Portfolio
Frequency Distribution Calculator
About: Frequency Distribution Calculator is a tool to help you calculate and analyze word and character frequency distribution in text.
Technologies: TypeScript, Stardust, SCSS, NPM, Git, AWS
Demo: https://frequencydistributioncalculator.com/
Source: GitHub
Stardust
About: Stardust is what my apps are made of. A web application framework comprised of a small JavaScript and CSS library with no production dependencies and a build system. The JavaScript library (and application code by default) is TypeScript and compiles back to ES5 for compatibility with Internet Explorer 11. A dark and light theme are provided using SCSS for the Stardust UI and a separate theme for application SCSS.
Technologies: TypeScript, SCSS, NPM, Git
Demo: https://jdgregson.github.io/stardust-demo/
Source: GitHub
ExpressRAIL Assistant
About: ExpressRAIL Assistant was deployed to retail floors and reseller's websites and facilitated the ordering of one of the company's railing systems. After generating a list of needed parts, the list and the customer's drawing could be emailed to the customer. This feature added significant security concerns, since it rendered user-generated HTML, converted it to a PDF, and emailed it to a given email address. To better secure this feature, the backend service was restricted such that it would only communicate with the app's frontend service, a keyword filter was put in place to prevent the app from parsing unexpected HTML, and rate limiting was put in place to prevent the backend service from being abused as a spam gateway.
Technologies: JavaScript, CSS, PHP, EC2, wkhtmltopdf, Git