Web Developer / Software Developer - gofuzzyourself
Served as the key developer for gofuzzyourself - a fast, simple, and tiny web fuzzer (written in Go).
Developed the web fuzzer with a process flow to allow web developers and even pen-testers to know what routes are available at an endpoint, with a routing script. (e.g. Was the page found? Are you allowed on that page? Are you being redirected? What happens when you set a custom user agent?).
Created various security rules in the web fuzzer to perform GET, HEAD, or POST method requests, spoof headers, follow redirects, and even sleep a random time (set from predefined values) in the event of a throttler. Implemented keyword and status code filtering.
Software Developer - gofindssh
This is a simple tool for brute-forcing password authentication in SSH (written in Go).
Developed gofindssh with the idea of fighting fire with fire with an SSH brute forcer, which disallowed users from using password authentication with weak passwords.
Created the security features enabling gofindssh to dial the “victim's” address on the specified port, check if the machine is up, load the username and password files in memory, and validate if login is successful.
Ensured that all authentication attempts were done concurrently via goroutines, with each username and password pair simultaneously tested in a worker pool based on a buffered channel.
Software Developer - gophirc
An event based, multi-server IRC framework written from scratch in Go.
Developed gophirc to have the capability to connect to multiple servers at the same time using goroutines, with the ability to add and serve multiple events per callback.
Created features to immediately receive and manage PING requests, automatically register with the server, and join the channels when invited.
Implemented rules such as defaults and value checking in the config, parsing CTCP messages into events, and built in a basic set of commands.
Set up the framework to have the capability of setting multiple administrators, along with multiple ignored users.
System Administrator - Request dot RO
Performed general sysadmin work on Debian GNU/Linux systems.
Managed servers and Virtual Private Servers (VPSs). Installed and configured web servers for hosting PHP web apps or proxying the traffic to services listening locally.
Identified, cleaned, and restored more than 30 domains that had been hacked through vulnerable services and web apps.
Applied reverse engineering to obfuscated web shells to understand what they do, how they work, and what payloads they send and receive.
Configured services to block brute force authentications. Created a self-hosted mail server and set up Let’s Encrypt for SSL/TLS certificates with automatic renewal.
Web Developer / Software Developer - Request dot RO
Successfully implemented a two-factor authentication (2FA) method by SMS using multiple gateways (e.g. Nexmo). Maintained consistent communication with clients via email, phone/conference calls or Slack - a collaborative team communication application.
Web Developer - Team REQUEST
Web developer for Team REQUEST on the 'Gas-Pipe' project.
Created a simple WordPress website with custom design/pages and custom contact forms with validation and captchas. Migrated the old website from simple HTML pages to a fully functional WordPress setup.
Created and configured two custom contact forms with validators and captchas and set up a Google AdWords campaign for the project.
Software Developer - Word Spider
Actively worked on the development of Word Spider (Wospi) - a world wide web word crawler for generating word lists (used Python for development).
Implemented features on Wospi to get words of a minimum length as specified by the user or to use a custom user agent.
Created additional features to allow Wospi to save the stripped version of the words as well, which removes often-used symbols such as dots, commas, and quotes.
Learnt
Refactored old, non-standard code; applied best practices and code conventions
Improved API performance
Implemented referring system using both app credit & Stripe credit
Improved search filters' performance & added custom time filter
Implemented custom, responsive & dynamic calendar