I'm a rock climber with a knack for full stack software development and cyber security. But you came to find out more. So let's get started.
About
I am a self-starter who is passionate about helping people by making their online activities safer and more secure. As an avid full-stack developer, I enjoy creating applications and tools that help stop breaches, either directly or by empowering others to be efficient and effective cyber defenders, security analysts, penetration testers, and incident responders. I thrive on solving challenging problems, engineering complex systems, and keeping up to date with the latest technologies in software development.
I graduated from the University of Central Florida in 2020 with honors, where I participated in collegiate rock climbing and cyber security competitions while completing my degree in Computer Science with a double minor in Secure Computing and Networks and Mathematics. I graduated from Lyman High School’s Institute for Engineering in 2016, having taken courses in Robotics, Digital Electronics, Aerospace Engineering, CAD Design, and Computer Science.
As a software developer I am passionate reducing technical debt through efficient design an documentation, creating clean & modern interfaces with focused UX patterns that reduce friction, creating apps that increase productivity through solving specific needs, and user-focused features that make software feel magical. I also just really enjoy solving real-life problems with software, and have no problem open sourcing my projects and contributing to the F/OSS community when I can. For those who are interested, while I used to do most of my development using Vim and tmux, I have now transitioned to VS Code (with vim bindings, of course).
I am a follower of Jesus Christ, the Son of the living God. To employers, this means that I am a diligent worker that will do my job not for money, but to honor God with my hard work ethic (Colossians 3:23) and to be a witness to others (Matthew 5:16). I trust God to provide for me (Philippians 4:19) and strive for good relations with my co-workers (Romans 12:18). To everyone else, being a Christian means I attribute my accomplishments, financial well-being, and status to Him alone (1 Corinthians 15:57); they were given to me so that I may glorify Him, give to others, and enjoy the life He has given me (1 Timothy 6:17-19). It means that when I encounter difficulty, I don’t complain or look for someone to blame; I dwell in the growth that I know is coming (Romans 5:3), lean on Him for the strength needed to lead me through (Psalm 34: 17-18), and then glorify Him for His strength when mine runs out (2 Corinthians 12:9-10).
I have been rock climbing for over a decade, competing through the youth circuit and placing well in many National Championships before moving to Chattanooga and switching to more outdoor climbing. My best result was in 2013 when I got 4th for speed climbing in the Male Youth B age bracket and went on to the World Cup, where I placed 16th. After that victory, I doubled down on bouldering and placed 6th at the National Championship in the Male Youth A age bracket two years later. I now focus on outdoor bouldering and the more social side of climbing, like introducing new people to the sport and showing people around the many local climbing spots.
I started the Netrunners CyberPatriot team in 2014, and our team went on to win the CyberPatriot National Competition in 2016. I am now a mentor for the team and continue to help with their Linux security skills, as I myself learn more through training for the Collegiate Cyber Defense Competition at UCF. Though the Netrunners have not returned to nationals yet, while I was a member the UCF CCDC team placed 2nd in the nation in 2018 and 2019 after winning the Southeast CCDC. My other achievements in cyber security include winning the 2017 and 2018 national Panoply/E-Sentinel competition (red team) and winning the Fall 2018 Lockdown v5 competition at the University of Buffalo (blue team).
Projects
I’ve always got a lot going on, but I wouldn’t have it any other way. I love to talk about my projects, so feel free to ask any questions you have!
Active Projects
These are projects I am currently working on, or have worked on in the past month.
For my full-time job I am a software engineer for DirectDefense working on their ThreatAdvisor web app, which is used by DirectDefense consultants and clients to collaborate and improve the client's security posture. It is a really fun project where I have been able to increase my relational database skills and contribute with my JavaScript experience and design work. I can't speak of the details of the project here, but if you are a company looking for a partner in improving your security, DirectDefense has everything you need, from penetration testers and consultants to policy review and active monitoring. Tech Used: ASP.NET, React/Typescript, SQL Server, Kafka, Cypress, Ant Design, KnockoutJS, Bootstrap, Visual Basic, Webpack, Yarn, NPM, Vite, Rollup, Swagger, IIS, WSFC (Windows Server Failover Cluster) management, VMWare vCenter High Availability, Docker, Sentry, ServiceNow Integration, CKEditor, Cube.JS
atemOSC is an OSC server for controlling BlackMagic video switchers. It allows users to use apps such as TouchOSC and Lemur to design custom interfaces for controlling their video switcher by mapping a wide range of OSC commands to BlackMagic SDK commands. Combined with software such as OSCulator, it allows midi panel control of switchers for a fraction of the price that BlackMagic would charge you for their proprietary controllers. Tech Used: XCode, Objective-C, Travis CI, VVOpenSource/OSC
This is a spin-off from the CC Orlando App. I forked the inactive react-native-popover into react-native-popover-view, rewriting a lot of the core logic, migrating to TypeScript, and adding various features. I discovered a way to integrate this Popover view into React Navigation, so that views that show as modals on phones would show in a popover on tablets, and created react-navigation-popover. To test these projects, I also created react-native-popover-view-test-app, which can be used by others to check out the features and see if it will work for them. While I haven't maintained react-navigation-popover due to lack of interest, the main Popover project has been growing in popularity and integrated into many other react native applications, which is super encouraging to see. I'll continue maintaining it as long as people are using it and I can afford to. Tech Used: React Native, TypeScript
Inactive Projects
These are projects that I haven’t worked on for a while, but intend to get back to.
After years of struggling with training for cyber-security compeitions, for my capstone project I pitched an idea for a blue-team training platform that provides for defenders what Hack-the-Box provided for attackers. 5 other computer science majors joined my cause, and we created a great platform for creating and running blue-team training simulations in the cloud. We created custom Linux and Windows scoring agents (learning from my experience with LWASP), and integrated them tightly with the rest of the system that we built fully serverless on AWS. VMDefender can run simulations on-demand in the cloud and provide hands-on training experience to cyber defenders at all level, with nothing more than a browser, OpenVPN, and SSH/RDP clients. I would love to pick back up and continue this project eventually, because I really believe it could help people, but haven't had the time to do so. Tech Used: AWS (Amplify, EC2, VPC, VPN, Lambda, Cognito, DynamoDB, API Gateway, S3, CloudFront, AppSync), React/Typescript, Ant Design, Terraform, Python, RDP/SSH (user-facing)
The RevealFM radio app allows listeners to stream the Cumberland, PA based station to their iOS or Android devices anywhere in the world, as well as browse the list of regular teachings that are aired on the station. I've spent a lot of time making sure the music listening experience feels completely native to users, so when songs are streaming it feels like they are from a legitimate music streaming service. I love the message of hope that this station proclaims through its worship music and teachings, and can't wait to see how God uses this app for His glory. (All graphics for this app created by Paula Airesman; It's been a pleasure working with her and the team up in CC Cumberland). Tech Used: React Native, Firebase (database, functions)
The CC Orlando App is a cross-platform church app with a past sermon browser, event system, and bible reader built in. I've baked a lot of cool features into this Firebase-backed project, and way more goes on behind the scenes than anyone would guess. You can download it from the App Store and Google Play Store. Tech Used: React Native, ReactJS, Firebase (database, auth, functions, hosting), Python, Objective-C, Java, Origami, BeautifulSoup (web scraping), Sketch
Per the name, my OSC Scene Controller listens for OSC commands in the form of '/scene/key' and then sends out a predefined list of OSC commands to the appropriate endpoints, allowing for 1-tap transitions in lights, video, and sound for show control. It is very flexible and extensible, allowing for mapping, list resolutions, varied delays on sends, MIDI triggers, and other powerfull features. Recently, I also adding routing capabilities, so that it can send messages that start with prefixes other than `scene` to their appropriate destinations. With this, you can send all show control messages to this scene controller, and let it talk to the appropriate OSC endpoints. Written in Python, it runs on MacOS, Windows, and Linux, and is so lightweight that it can be run in parallel with other show-critical software. It works great with atemOSC, DMXIS, D-Pro, OSCulator, and any other software that talks over OSC. Tech Used: Python, YAML, pyinstaller, pythonosc, tkinter
I developed a working attack for the POODLE attack against SSLv3, which was discovered in 2014 and is now almost fully mitigated. The exploit code, available on Github, was accompanied by a presentation and report given in the Intro to Cryptography class that I took in Fall 2018. This project was really valuable to my own learning, and required me to dig deep into SSL/TLS Wireshark analysis, NFQueue through IPTables, raw packet manipulation, practical padding oracle attacks,and CORS request usage with cookies. You can find out all about the project on the Github, as well as track the progress I make. I have tons of ideas for where to take this exploit, and aim to increase it's value as an informational tool to demonstrate the potential of attacks like this. Tech Used: Python, Scapy, JavaScript, NetFilterQueue
Though missing a lot of polish, my Full-screen OSC timer is an excellent way to show a timer or a clock to a speaker while presenting, so that they can stay on track. It is a simple python script that can be run on any computer and listens for OSC input, then shows either a clock or a stopwatch that can be controlled by OSC commands. Combined with my scene controller at my church, we can automatically have the stopwatch start when the preacher starts speaking and have it available to them as a reference throughout the service. We have a Raspberry Pi that starts the full-screen timer on boot, and then sends the video output to a projector pointed to the back wall of the sanctuary. I may expand this to display arbitrary messages and a countdown time as well, but I'm just adding features as needed right now. Tech Used: Raspberry Pi, Python
Archived Projects
These are projects I probably won’t get back to, but I am still proud of and have learned a lot from.
Working with a team on a class project, in a few weeks we developed the Salu contact manager from scratch. Salu is built on MongoDB, NodeJS, and Express on the backend, and Vue + Bootstrap on the front end. We used JSON Web Tokens (JWTs) for authentication, powered by Passport and bcrypt for session authentication and password hashing. This was a great opportunity for me to be exposed to building custom web apps using a modified MEAN stack, getting more familiar with JWTs, and coordinating with a team over Git + Discord. I really enjoyed the simplicity of Vue and the great developer tools, and appreciated the continuity of using JavaScript for the entire stack. Tech Used: NodeJS, Express, Vue, Bootstrap
Did some development work for Total Concord Cleaning, but I'm under an NDA so can't say much past that. Tech Used: React Native, Firebase (hosting, firestore, auth), Hexnode MDM, Sketch
The same team that I worked on Salu with also helped build the Keyper Password Manager as our final project. I'd been using password managers for a while and was intrigued to re-engineer their security features to gain a better understanding of how they work. This was a very fun challenge, because we wanted to make a password manager that required no user trust in us as development team. To that end, we open-sourced all of the code and used client-side encryption, so all password entries were encrypted on the client side with the user's password using AES-256. With both a website and an Android app, we had to write equivalent client-side serialization and encryption functions in JavaScript and Java to ensure interoperability. The backend is built on Python Flask and MongoEngine, while the website used a full Angular stack, including Angular Material. I designed the website to be more simple to use than any password manager I've tried so far, with type-anywhere-to-search, shortcuts to copy any field and launch the site, a front-page password generator, and dynamic tags for grouping password entries (one category per entry was never enough for me). This project was a great chance to learn Angular and JavaScript hashing & encryption. Tech Used: Angular, Python, Flask, MongoDB, Android Studio, Java
The website at unity18.ccorl.com was built for Calvary Chapel Orlando's annual True Youth Conference, taking place in August. The website allows you to quickly see all of the important details, learn more about the three speakers, register for the conference, and contact the organizers. I built this using the Hugo static website generated with a heavily modified blog-based theme, and then set up registration through the Firebase back-end for the CC Orlando App using Stripe for processing payments. I've archived this for now because the website is complete and live, but I suspect I will be working on it again next summer before the conference. Hugo, Firebase (hosting)
The Linux Watchful Adaptive Security Compliance is a scoring engine for Debian-based Linux images, designed to help cyber security students improve their skills by scoring points for fixing vulnerabilities. LWASP has a simple graphical interface that allows instructors to quickly set up vulnerable images. The active scoring report is reminiscent of that used by the CyberPatriot program, and is especially helpful for students training for the CyberPatriot competitions. I've done my best to make the code modular, so that open-source contributors can easily extend the framework for their own needs. This has been archived in favor of the scoring system that we build for VMDefender, which is an overal better solution to the same problem. Tech Used: Python, ReactJS, BASH, GTK, pytest
This was created while I was an officer of the National Honor Society in High School. Wanting a way to track members, contact information, shirt sizes, meeting attendance, and community service hours, all while allowing for all officers to be able to administer the club, I created this Groups Manager. It accomplished all I was hoping for, allowing for administration through the mobile app by multiple officers simultaneously. Unfortunately, I only made it on iOS, and ran out of time to create the Android equivalent or a web site, and thus this project had to be put on hold. However, you can still check out the website and watch the video at encompassx.com/groupsmanager. It is worth noting that I won my district's Congressional App Challenge that year for my submission. Tech Used: Couchbase (self-hosted), ReactJS, dovecot/postfix, PHP, NGINX, PaintCode, BASH, iptables, Android Studio, Java
My passion for the Zendrum drove me to create this configurable, multi-touch drum machine for iOS devices. It worked well, allowing for near-instantaneous sound playback with intensity-based triggers and various modes, but the lack of interest and amount of work still needed to produce a finished product forced me to move on to other projects. However, this project taught me iOS development with Swift, advanced touch handling, and precise resource allocation, in addition to improving my skills in user interface and graphic design. Tech Used: XCode, Swift, PaintCode, Crashlytics
The Web Information Modular Management Portal (WIMMP) is a web server based on RethinkDB and Horizon, that allows for easy personalization of a template interface for sharing files, links, and information with viewers. It was designed for short-term use during trainings and conferences, and is easy to deploy. It is now live on NPM, though it did not work the last time I tested it. I plan to resurrect and re-engineer it a bit if I have time, because I still think it could be valuable as a tool for quickly setting up portal sites for tech conferences. However, if I don't have time, I may just archive it, because I suspect there are better options available these days that are more stable and up-to-date. Tech Used: Horizon, ReactJS, Webpack, Sketch
This was created while I was the Chief Petty Officer of a local Sea Cadet unit. I noticed that keeping attendance on Paper was tedious and did not adapt to changing circumstances, and manually calculating PRT scores was even worse, so I created an app to do it for me. NSCC Manager was actually a fairly comprehensive app, allowing for configurable attendance taking with parameter injection and PDF Report generation; quick and easy PRT score entry, immediate score calculation, and score tracking over time; and cadet information tracking, including rank, age, and contact information. NSCC Manager was a one-stop shop for day-to-day unit administration, and even had a web portal that allowed for viewing of attendance records and PRT scores. Unfortunately, lack of traction in the unit and at NHQ forced me to abandon this project. However, it was an amazing introduction to AWS, including DynamoDB, IAS, and other services, as well as advanced view configuration on iOS. It also introduced me to the world of software documentation and business, as wrote up documents and proposals to send to NSCC National Headquarters. Tech Used: AWS (DynamoDB, Lambda), XCode, Objective-C, jQuery, Apache, Sketch
You can learn more about the project itself at OpenGimbal.net. During the 2 years that I worked on the project during High School, I created a re-vamped interface that was responsive, looked pretty cool, and was easier to navigate. I added joystick control to the telescope and overhauled large portions of the code to make it more readable and efficient. Tech Used: Arduino, Python, jQuery, Sketch
This is another spin-off from the CC Orlando App. Currently it can only trigger one special vibration type on iOS, but I hope to expand it to include a wide variety of different vibration types and port it over to Android as well. This has been archived in favor of react-native-haptic-feedback, where I contributed to make their library just as performant as mine was for my specific use case. Tech Used: React Native, JavaScript, Objective-C, Java
I released this as the final project for my AP Calculus BC class in my junior year of High School. It is very simple, and uses a (custom) specially-built graphing library to model a variety of concepts that I learned in the class. It is great for visual learners to play around with the abstract concepts using various types of functions and interactive calculations. You can download it for iOS devices on the App Store. Tech Used: XCode, Objective-C, Sketch
I’m going to try to keep this list up to date with my most recent projects and status, and hopefully add more elaborate descriptions to some of the projects with all of the glorious technical details for those interested.
Contact Me
Thank you for your message
Personal Electric Vehicles
A Personal Electric Vehicle (PEV) is a compact and portable electric vehicle designed for personal transportation. PEV's come in many forms, including electric unicycles, electric scooters, electric skateboards, OneWheels, etc.
Meet other riders in Chattanooga
If you own a PEV and live near Chattanooga TN, join the Facebook group to meet other riders in the area.
PEVs are great for commuting and for fun. There are a ride range of videos, blogs, and communities online that you can visit to learn more, or you can visit a local shop near Coolidge Park to try one out.
I prefer electric unicycles because of their range, speed, maneuverability, portability, and off-road potential. I’ve been riding one since 2016 and have fallen in love with the magic of moving smoothly at high speeds, then seemlessly transitioning to walking to go into a store, talk to people, or admire the view. It has always felt like having a super power, and judging from the looks and comments I often get while riding, it seems that others agree.
In the fall of 2016, I spoke with the pastor of my church about church apps; it seemed that almost every church had one. However, I wasn’t crazy about the features offered by popular church app builders, and he wasn’t crazy about the price, so he gave me the opportunity to build a custom app for our church. I was excited to try out React Native, and already had a vision for what I wanted to do, so I jumped right in.
Before I get into the details, I am proud to say that after a year of active development, the app is now live on the App Store and Google Play Store. Feel free to download it and let me know what you think. I am keeping the source code private for now while I consider opportunities for monetization.
Goals / Features
With my app, I wanted to re-define what a church app should do. I’ve built a contextual interface that adapts to the current day and the available content, making sure that members are informed of what they care about and can easily find what they are looking for. A big part of the app is a mini social network, where ministry leaders can create events and announcements, and church members can “follow” these ministries in the app to stay up to date on the latest in each ministry.
Furthermore, I had always thought that bible apps, though rich in features, were inelegant, so I set out to design a built-in bible reader that was intuitive and fast.
Lastly, I wanted to build a great interface for finding, listening to, and watching past sermons. Last week’s sermon is always waiting for you on the home tab, and you can browse through all of our sermon collections, download sermons, and control the audio while following along in the bible tab. One of the most-used features of the app is the contextual bible verse lookup: on Sundays, the verses that the pastor references in his sermon are available as quick links in the bible tab, so that members of the congregation don’t have to waste time searching for verses during the message.
This is just the beginning; there are so many more goals I have for this app, and a whole roadmap of features lined up.
Components
The complexity of this project meant that I had to develop and maintain 4 independent components:
1. The CC Orlando App itself (built using React Native)
2. An administrator’s portal for ministry leaders to use to manage their ministries and other elements of the app (built using React)
3. The database and corresponding processing functions (to trigger actions based on database changes)
4. Python scripts to automate web scraping to load content from the website into the database
I used Firebase as a back-end, including their Real-time Database, Functions, Authentication, Messaging, Storage, Hosting, and other services they provide. Because my church is not too large, I’ve been able to use their service within the free tier, which has been a huge blessing.
History
The Design Process
I started the design with some rough sketches, and then moved on to a full prototype in Sketch. After trying various iterations of the prototype on my phone using inVision, I picked a design style that felt comfortable on both Android and iOS.
Kicking off the Back-end
I spent the majority of my winter break in 2016 building the administrator’s portal from scratch. It was a glorified database editor, but designed for people who are not as familiar with technology. As such, it was a tedious process of adding lots of feedback, instructions, and working out all of the bugs.
Getting Dirty
After that, I got off the ground with React Native (RN), and was pleasantly surprised by the ease of development using hot reloading. However, I kept bumping into the limitations of RN: to use any sort of native functionality, you either have to rely on community modules or develop your own. To have my audio engine work well with streaming and offline playback, I had to create a fork of react-native-sound that uses AVPlayer instead of AVAudioPlayer on iOS.
Another pain was the fast development cycle of RN itself; every few weeks, a new major version was released, often breaking my Xcode and gradle configuration, as well as outpacing the community modules I depended on. It was a nightmare to keep up with, and I had to send several PR’s to community modules to keep them up to date as well. But I was determined to ship with the latest version of RN available, and that’s what I did.
As I started to get my app up and running on tablets, I hit another snag: RN was simply not built for split-screen on tablets. As the proud owner of a 12.9” iPad Pro, this bothered me, so I worked on a fork of react-native-device-info that allowed my to get the initial dimensions of my app no-matter what configuration it was launched in. Then I found another issue: I wanted to use a popover view so that views on tablets didn’t always go full screen. This spawned another adventure, that you can read about in my “React Native Popover View” project below.
The adoption of React Navigation as the official navigation library for my app spawned further issues after iOS 11 was released. I found out the hard way that the maintainers don’t test on tablets, so all of their iOS 11 “fixes” actually broke navigation on tablets. I’ve submitted two pull requests to fix the functionality, and as of this writing am still waiting for them to go in.