$ whoami
Nine years writing systems software — embedded firmware, Linux kernel drivers, and computer vision on custom ARM hardware. Now reverse-engineering Android binaries and building offensive tooling, because the most interesting bug is the one nobody knew was there.
// currently: Apple silicon by day · Android security research after hours
01 / ABOUT
I'm pivoting into Android security and red teaming. I'm fascinated by the offensive side: understanding systems deeply enough to find where they break. If it's low-level and technically interesting, I want to understand it.
I shipped my first Linux kernel module in 2018 and haven't looked up since. The last nine years were embedded firmware, kernel drivers, and computer vision running on custom ARM hardware — real-time pipelines, hardware bring-up, the whole stack from bootloader to user-space.
Today I'm at Apple (contract via Sasken Technologies) on hardware/firmware integration. Before that, eight years at Gantz-Mountain — a defense AI startup in Monterey shipping low-level systems on custom embedded platforms.
// WHAT I'M GOOD FOR
02 / SKILLS
// rated 1–5 against production deliverables
Where 9 years live. Production firmware, kernel, real-time.
Active focus. Honest level — pivoting in.
Reach for outside the deep-systems work — automation, web, ML.
03 / EXPERIENCE
Building offensive tooling and reading kernel/Android internals with adversarial eyes — the visible half of a deliberate pivot from systems engineering into red team.
stack: Python · C · Frida · mTLS · SQLite · Svelte 5
System-level software, automation, and diagnostics across hardware platforms. Cross-functional work with firmware and hardware teams in a high-scale production environment.
stack: C · C++ · Python · Linux · Shell
Eight years at a defense AI startup. Bare-metal firmware, kernel drivers, BSP customization, real-time computer vision pipelines on custom embedded ARM hardware.
stack: C · C++ · Linux · ARM · MATLAB · Lua
04 / PROJECTS
Personal projects I'd actually point a hiring manager at. Each links to its source.
Three-transport red-team framework (raw TCP, mTLS HTTPS, beacon/callback) with a Svelte operator dashboard. Built to learn modern C2 architecture from first principles.
78 end-to-end tests in 9s · 20 task types · dual-language implant (Python + C) · HMAC-SHA256 endpoint derivation · ±20% beacon jitter
A searchable SvelteKit learning portal for a Markdown-first offensive security curriculum, including modules, CTF prep, labs, Android material, progress tracking, and review paths.
Markdown ingestion · generated content index · searchable library · local progress export/import · direct lesson URLs
A toy content delivery network implementing edge caching, origin pull, RFC 7234 cache validation, and geographic routing. Built to understand CDN internals without library shortcuts.
Origin-pull + edge cache · DNS-based geo routing · cache-control header parsing · invalidation API
Iterative resolver written against RFC 1035 wire format — no library shortcuts. Walks roots → TLDs → authoritative servers, handles A/AAAA/MX/CNAME, retries on truncation.
Zero external DNS libs · UDP wire-format parser/encoder · root-hint bootstrap · TCP retry on TC bit
Local-only home security console for cameras and sensors with real-time alerts and a clean web interface. Self-hosted, no cloud round-trip.
WebSocket-driven real-time UI · multi-feed video · sensor event stream · zero external dependencies at runtime
05 / CONTACT
Open to offensive security and red team roles — contract or FTE. Also up for systems engineering, embedded, or anything low-level.
// usually reply within 48h