Robert Babaev's Logo

// ABOUT ME //

Hey, I'm Robert! Thanks for stopping by. In the modern world, having security be not only an integral part of the development process but also part of the culture is increasingly important in the face of rampant cyberattacks.

That's my mission. Since 2019 I've been involved with cybersecurity, and while I like breaking websites wide open, I love locking them down from attacks. Even this portfolio website has a few nifty security tricks up its sleeve despite the small attack surface. (Try bypassing Cloudflare, and if you laugh I'd love to grab a coffee.)

I've done everything from pitch a cybersecurity business while having just started in the field and still getting into an accelerator, to flying to Europe and collaborating with and competing against some of the best university-level hackers on the planet. Am I the best penetration tester or security developer on Earth? Who knows? But I love educating folks looking to get into the field through presentations at my university, and advocating for better security in both conversation and research.

You can find my contact information at the bottom of this page, below my resume, projects, and articles. Let's chat!

// RESUME //

Sept. 2023 - Present
  • Conducted a security analysis on an automated submission server using Java and expertise in data encoding and networking, identifying and patching a data leakage vulnerability that could have potentially led to hidden input dataset exposure

  • Clarified an assignment ambiguity with a student through active listening and proficiency in algorithms and data structures, pinpointing and addressing core issues related to understanding and approach

May 2023 - Aug. 2023
  • Developed an automation suite using HTML, JavaScript, and VBA to enhance data audit processes, resulting in a 200% increase in efficiency

  • Conducted research on a proprietary operating system to evaluate antivirus needs, leveraging expertise in security vulnerabilities and operating system security for a targeted assessment

  • Crafted a comprehensive data flow diagram for an internal service, collaborating with experts and leveraging expertise in firewalls, cloud architecture, and network protocols to present information to auditors

Jan. 2023 - Apr. 2023
  • Investigated a client application issue on an Azure Virtual Machine, utilizing Docker, networking, and cloud platforms to pinpoint the root cause of monitoring software failure

  • Implemented a C# and ASP.NET feature in a Windows environment to export system log data in CSV format, streamlining log processing for IT personnel

  • Resolved a high-priority ticket blockage in a development environment by identifying and rectifying a discrepancy using SQL, ensuring seamless progress

  • Explored artificial intelligence and machine learning technologies to identify monitoring tool enhancements, presenting findings to company leadership and incorporating a new technology into the tool's potential tech stack

May 2022 - Aug. 2022
  • Identified and addressed hard-coded credentials in a Ruby on Rails application, mitigating potential risks from source code leaks

  • Detected a critical denial-of-service condition in a medical application using regular expressions and Burp Suite, averting a potential system shutdown

  • Developed a Bash script for Nmap scans on all subdomains of a given domain, streamlining reconnaissance in security testing

  • Developed a Python script employing concurrent programming and web scraping techniques to parse library manifests and scan for vulnerabilities on Snyk, enhancing static analysis speeds for vulnerable components by 200%

  • Utilized AWS Elastic Compute Cloud to deploy a server, leveraging networking expertise to assess web application server-side request forgery vulnerabilities

  • Contributed findings to client-facing reports, applying CVSS and DREAD scoring, CIA triad principles, and realistic attack scenarios to fortify client security posture

Jan. 2022 - Apr. 2022
  • Engineered an HTML-based document renderer, replacing an unmaintainable MS Word-based generator. Utilized HTML/CSS, JavaScript, and template engines to create a robust solution for generating professional reports in a sustainable manner

  • Conducted vulnerability assessments on a WordPress site using wpscan and OWASP ZAP, uncovering two instances of outdated components with known security vulnerabilities

  • Performed a thorough review of source code for a client-facing application, employing vulnerability databases, search engines, and NodeJS expertise. Identified an unmaintained library spanning 8 years, prompting the adoption of more contemporary and secure code

  • Resolved a critical issue in Django Forms causing data disappearance. Employed rigorous testing and source code review to pinpoint the root cause, averting data corruption and preventing severe delays in report delivery

May 2021 - Dec. 2021
  • Fixed a Java-based IntelliJ code scanner bug using integrated debuggers and creative troubleshooting to ensure proper rendering of custom breakpoint icons, preserving the professional appearance of the application

  • Developed and implemented a secure password reset feature using Angular and Django, and researched one-time passwords to enhance website security

  • Established a comprehensive backup and restore workflow for an internal tool using Django management scripts and the SendSafely REST API, enabling disaster recovery and DevOps version control

  • Implemented a secure authentication system for a client-facing application with Single Sign-On and JWT authentication in TypeScript and SvelteKit, ensuring authentication without storing client credentials

  • Managed Docker-based application deployments, applying self-taught skills in both Docker and Git to adapt the environment in line with Agile development practices

  • Accelerated GitHub repository curation for a collaborative event with CENGN by 350% through a Python script utilizing the GitHub API

  • Developed custom PostgreSQL queries to aggregate data in Django, enhancing data visualization for employee performance analysis

// PROJECTS //

Project NOAH // 2023 - Present (WIP)

Stack: Notion, Python, FastAPI, NextJS, React, GraphQL

  • Developed a campaign planner for the Lancer TTRPG, evolving from a Notion template to an in-progress SaaS application

  • Addressed a significant barrier to entry in the Lancer community by analyzing needs through discussions and personal experience, resulting in the sale of over 100 licenses

  • Explored GraphQL and REST differences, determining that GraphQL was optimal for Project NOAH's data model with potential deep nesting

  • Designed a Notion template leveraging relational databases like PostgreSQL, streamlining campaign notes storage across multiple documents for improved accessibility

***

KaliDocker // 2023 - Present

Stack: Linux, Docker, Bash

  • Created a system for easy setup of Kali Linux Docker containers for CTF events, utilizing Just for a hassle-free setup with minimal dependencies

***

Personal Website // 2021 - Present

Stack: SvelteKit, Django, PostgreSQL, Nginx, Docker, GitHub Actions, DigitalOcean

  • Maintaining a continually evolving, cloud-hosted web application with a focus on ease of maintenance and security, leveraging knowledge of Docker, web servers, IPv4 networking, and security principles to keep the site running smoothly

***

Selenium Oxide // 2022 - 2022

Stack: Python, Selenium, Burp Suite, Git

  • Engineered a browser-based web exploitation library in Python using Selenium, featuring a builder pattern workflow, stealth functions, cookie manipulation, and proxy compatibility

***

CourseFull // 2023 - Present

Stack: Java, Spring Boot, Angular

Elevator Control System // 2022 - 2022

Stack: C/C++, Qt

VibeChek // 2022 - 2022

Stack: NodeJS, Svelte, SQL, Git, Spotify API

Hangar // 2021 - 2022

Stack: Rust

// CONTACT //