Security enthusiast | Geocacher | Objectivist | Blogger | Researcher | Speaker | Amateur media critic | Wannabe toucan owner
21 Rochester, NY
I am a fourth-year student in the M.S. Computing Security program at RIT, just starting my career in the industry and striving to create secure, inclusive, accessible, and joyful technologies for all to use. My research interests are in system and network forensics, open-source intelligence, and disinformation.
I frequently participate in computer security red/blue competitions, Capture the Flag tournaments, and STEM outreach events around the world. Recently, I have been researching ways to apply OSINT to search and rescue missions, law enforcement cases, and threat intelligence. I also enjoy being a lifelong student by incorporating other disciplines and perspectives into my activities, from psychology and sociology to philosophy, journalism, communications, and political science.
I am a member of the RIT Security Club (RITSEC), RIT FIRST, and the RIT Honors Program in my spare time. I also enjoy adventurous activities such as geocaching and bouldering. In the future, I hope to obtain a Ph.D. in cybersecurity, own a paramotor, and adopt a rescue toucan.
Technical, professional, educational, and volunteer involvements
I was awarded the National Science Foundation's CyberCorps Scholarship for Service (SFS) while attending RIT to recognize my academic achievements and personal commitment to making national systems and data more secure and accountable to civilians.
I was also the recipient of the International Systems Security Association (ISSA)'s Howard A. Schmidt Award in honor of the past president of the ISSA International Board, presidential computer security adviser, and US-CERT chief security strategist, as well as the Black Hat Student Scholarship. I was awarded these scholarships due to my academics, activities, and desire to work in national security.
I currently hold GIAC Certified Incident Handler (GCIH), CompTIA Advanced Security Practitioner (CASP+), and Cisco Certified Cyber Ops Associate (CCCOA), as well as membership in the GIAC Advisory Board and other lower certifications. Certifications complement my academics, extracurriculars, and work experience, and I see them as an excellent way to validate and reinforce my growing skillset.
I plan to obtain further certifications in security analytics and blue team operations soon. These certifications will validate the skills I have learned through classes, personal and club projects, internships, and competitions.
HotH, FIRST, Scholarship America
I frequently advocate for cybersecurity proficiency and the technology workforce in the federal government. As part of Hackers on the Hill, I met with the Committee on Homeland Security and Governmental Affairs to address the cyber talent gap and the shortfalls in federal, state, and local cybersecurity employees.
I was one of 30 honorees at Scholarship America's National Dreams to Success Awards for improving STEM curriculum and extracurricular opportunities for students in rural areas. Involving myself as a FIRST Robotics volunteer, a Computing Security Ambassador, and an RIT IMPRESS member helps me achieve these goals.
A selection of projects and activities I've worked on
Recent Blog Post
I chose to re-evaluate the methodologies and rigor of academic malware publications for my CyberCorps and Advanced Malware Forensics research project. Based on the paper "Prudent Practices for Designing Malware Experiments," I re-performed the original experiment to determine if proper sampling, analysis, and safety measures improved since 2012.
I plan to continue developing this paper in the hope of submitting it to a conference sometime in 2021.
Watch my project presentation below.
My friends and I created a custom command-and-control server and Windows malware written in C++ for our Malware Reverse Engineering class. Our malware could obtain system information such as processes, usernames and passwords, network information, and operating system version. It also could send and receive files across a network using a custom encryption algorithm.
We also reverse engineered our client malware using IDA Pro and presented the project to our class.
Our detailed analysis is available below.
I reviewed the beta release of Volatility 3 for my Computer Systems Security final project. In my presentation, I explained how computer memory functions, introduced fundamental memory analysis and forensic techniques, and discussed the release of Volatility 3 as well as the landmark changes it presents for memory analysis.
Then, I demonstrated Volatility 3 by using various commands to identify the Zeus rootkit on a memory image obtained from an infected Windows system.
Check out the presentation and demo below.
I created a Docker container hosting a web server vulnerable to Shellshock (CVE-2014-6271) for a course CTF. The flag could be obtained using command injection via Apache cgi-bin and exploiting an outdated version of Bash. I also configured Snort on a separate Docker container to monitor exploitation and create a threat map on the class network.
I published the container and a video walkthrough of the exploitation commands at the end of the CTF.
The CTF challenge Docker container is available below.
Find me at one of these events:
Past projects and competitions are available on Medium
Employment, education, and skills
The Department of Defense provides the military forces necessary to protect the security of our country.
MITRE works in the public interest across federal, state, and local governments, as well as industry and academia, to bring innovative ideas into existence in areas such as artificial intelligence, data science, quantum information science, health informatics, space security, policy and economic expertise, trustworthy autonomy, cyber threat sharing, and cyber resilience.
Parsons is a leading provider of scientific, technical, and cyber solutions to the intelligence community specializing in defensive and offensive network intelligence solutions, closed network security engineering, weapons system intelligence, and facilities design and optimization.
Detailed work experience, classes, and testimonials are available on LinkedIn
Some fun stuff about me
Check out my travels on YouTube
If you don't know, the thing to do is not to get scared, but to learn.
A mind is like a parachute. It doesn't work if it is not open.
I never lose. Either I win or I learn.
Conquer anger with lack of anger; bad with good; stinginess with a gift; a liar with truth.
A creative man is motivated by the desire to achieve, not by the desire to beat others.
Treat people as if they were what they ought to be and you help them to become what they are capable of being.
The question is not who is going to let me; it's who is going to stop me.
Be a nuisance where it counts. Be depressed, discouraged, and disappointed at failure and the disheartening effects of ignorance, greed, corruption and bad politics—but never give up.
I am rich no matter what I lose. I'd rather risk it all to find the truth.
This whole time, I thought changing the world was something you did, an act you performed, something you fought for. I don't know if that's true any more. What if changing the world was just about being here, by showing up no matter how many times we get told we don't belong, by staying true even when we are shamed into being false, by believing in ourselves even when we're told we're too different? And if we all held on to that, if we refuse to budge and fall in line, if we stood our ground for long enough, just maybe the world can't help but change around us.
Get in touch with me