Projects

Blockchain applications hold real money in publicly visible code. Every vulnerability is a potential heist, and attackers are watching 24/7. I work in this space to find these bugs before they do. Below are some vulnerabilities and articles that I've written about:

As a senior in college, I created the Spokane Cyber Cup in order to aid in the learning of the local students in the Spokane, WA area. The original event included over 60 students from 6 different colleges and 3 high schools, along with 15+ coaches that helped the students on challenges and 2 speakers. We have now run the event multiple times and it continues to grow each year.

The whole purpose of the event is to allow students to learn in a fun environment, while showing them potential paths for the future. Links to the event information including challenges, solutions, pictures and other things can be found below in the 'Read More' tab. Major shoutout to all of the coaches and people who contributed to the event.

Signals are all around us, yet no one notices. Garage doors, car key fobs... everywhere. Since consumer devices utilizing the radio spectrum are everywhere, I have dedicated time to getting my HAM radio devices and analyzing these devices. From garage door openers, to RC cars to scoreboards, it only gets more interesting from there!

Heap exploitation feels like a dark art in the realm of binary exploitation. Because of the incredible complexity of this art, I made it my mission to understand it and further everyone else's understanding alongside it.

I created a workshop/training for GLibC Malloc heap exploitation that was taught at DEFCON 29, ToorCon, CanSecWest, and Hackfest. The full training is available as a video series on YouTube. This blog has several articles on heap exploitation such as the House of Muney, GLibc 2.32 New Malloc Protections and many others (see more below). I've also posted many proof of concepts to the how2heap repository as well.