Welcome, dear reader!
This page contains much of the information that can be found on my resume, including my educational background, professional certifications, work history, skills, links to pieces I’ve written for previous employers, CVEs I’ve discovered, and (public) tools I’ve written.
While building this page, I realized that much of the last 10+ years of my professional existence might as well be classified. Most of the tools I’ve written were stored in internal repositories, or are otherwise considered the property of my former employers. All of the reports I’ve written are (of course, and very rightly) under NDA because of the nature of the work I do for my clients. For the same reason, I don’t keep copies after reports are presented to the client, because I consider that basic professionalism and ethics for this work. So that makes it really hard to show anything tangible, or to make myself stick out to recruiters when so much of my career is shrouded in mystery.
When I got my first “full-time hacker” position, it was as a Penetration Tester for NetWorks Group, under former NSA Red Teamer, Neal Bridges. One of the first things he explained to me was that in this line of work, you can either: A) Use client names, but never speak a word of anything you do, ever; or B) Tell stories that you’ve scrubbed and anonymized as much as possible, while never uttering a client name, ever. I’ve always enjoyed telling stories, so the choice was obvious for me, and I think I am going to use that same choice in how to help relate some of the work I’ve done.
The next few pieces I write on this blog will likely focus on some stories from my career that either show some of my best work (while doing my best to protect all parties involved), or that will allow me to present some tool or technique I’ve been wanting to speak about for years but felt like I couldn’t for some reason, things I was too busy to slow down and talk about, things that are too old for anyone to be mad about, or anything that will let me talk about hacking in-general while showcasing my skills and helping fill in for any apparent gaps in my resume.
Thank you for reading, and I hope you enjoy the content that’s yet to come!