Work & Projects

A selection of professional projects, open-source contributions, and things I’ve built along the way.

Offensive Security Training Labs

Built vulnerable-machine infrastructure and training apps used by thousands of students working toward OSCP, OSWE, OSCE, and OSWP certifications.

Ruby on Rails Python AWS Linux

8,000+ hrs mentoring · 5+ years

Rails 5 → 7.2 Migration

Executed complex Ruby (2.7.5 → 3.3.8) and Rails (5 → 7.2) migrations on production apps with zero downtime. Migrated Paperclip to ActiveStorage and added integration coverage.

Ruby 3.3 Rails 7.2 ActiveStorage RSpec

Minimal disruption · improved test coverage

AI / LLM Integration Mentoring

Guide developers in secure AI and LLM adoption, applying the OWASP LLM Top 10. Patterns for prompt security, evaluation, and safe tool use.

LLMs OWASP LLM Top 10 Python Ruby

Active program · in production use

AWS Serverless Back-End

Designed Ruby Lambdas and S3-backed ActiveStorage for scalable media pipelines. Custom API endpoints on EC2 behind load balancers.

AWS Lambda S3 EC2 Ruby

Production workloads · scalable

Braintree / Venmo Payments Features

Built new features for Braintree and Venmo payment applications at PayPal. Pair programming, strong review culture, high reliability bar.

Ruby on Rails Python VIM/TMux

Payments critical path

Greyhat — Writing & Research

Essays and research on web technologies, work-life balance, and the integration of AI into modern software practice.

Writing AI Security Open Web

Ongoing publication

More to come

Additional case studies, open-source contributions, and security research write-ups are on the way. In the meantime, the main portfolio has the full work history, and my personal blog covers research and commentary.