In offensive security since 2012 - in senior roles since 2018 - spanning penetration testing, red team operations, adversary emulation, mobile assessment, embedded security, product security, and capability development. The work has moved from finding individual vulnerabilities to building the platforms operators actually run engagements on.
That arc shows up in everything here. Years assessing IoT firmware, wireless stacks, consumer routers, web applications, APIs, cloud services, and mobile surfaces taught what targets actually look like under pressure - and why most tooling assumes a cleaner environment than operators get. Running cybersecurity work at Linksys / Belkin meant owning product-security testing, DoD-aligned validation, patch verification, shipping-cycle pressure, customer-impact constraints, and the gap between “we found it” and “we fixed it before release.”
Current work sits at the other end of the scale: offensive operations, adversary emulation, mobile assessment, embedded/RF review, ICS/SCADA assessment, and capability development for environments where discretion, repeatability, and owning the stack are not preferences. They are constraints.
The through-line is precision. Repeatable methodology. Building tools when commercial options leak telemetry, depend on third-party infrastructure, assume root where none exists, or fall apart at scale. CVE-2023-33105 - a high-severity Qualcomm WLAN host/firmware issue credited in Qualcomm’s March 2024 bulletin - was not the goal; it was the natural output of treating consumer wireless firmware the same way you would treat any other attack surface: methodically, with a proof-of-concept that survives scrutiny.
The projects here are selected for what they demonstrate: judgment under constraints, working systems over slideware, and evidence that can be checked without exposing work that should stay quiet.