Professional Work
| Since 2017 | Walmart Labs | Senior Architect | Information Security Architecture |
| 2016–2017 | Oracle | Principal Engineer | Database Security Development |
| 2008–2015 | RSA | Principal Engineer | RSA NetWitness Development |
| 2005–2008 | Infosys | Technical Specialist | Finacle e-Banking Cryptography |
Open Source Work
| 2024–2024 | Tzero | Author | Social timeboxing for IRC channels |
| 2024–2024 | Guess My RGB | Author | Web-based RGB colour guessing game |
| 2023–2025 | FXYT | Author | Tiny, stack-based, postfix, canvas colouring language. |
| 2023–2025 | CFRS[] | Author | Extremely minimal turtle graphics with only 6 simple commands. |
| 2023–2023 | PC Face | Author | Bitmap arrays to render CP437 glyphs using PC OEM fonts |
| 2022–2024 | Devil | Author | Emacs minor mode for key translation and modifier-free editing |
| 2022–2024 | NIMB | Author | A simple client tool that bridges IRC and Matrix channels |
| 2022–2023 | Invaders | Author | A 1980s-arcade-style invaders game written in HTML5 |
| 2021–2024 | Emfy | Author | Emacs kit for general purpose editing and programming |
| 2021–2023 | Muboard | Author | Self-rendering virtual mathematics chalkboards for the web |
| 2021–2021 | Portacle | Contributor | Fixed paren matching (#18) and file name autocomplete (#19) |
| 2020–2024 | Emacs4CL | Author | Common Lisp development environment for Emacs |
| 2020–2023 | SPCSS | Author | Simple, minimal, classless CSS for simple HTML pages |
| 2019–2024 | MinTOTP | Author | Minimal TOTP generator in Python |
| 2018–2020 | Pylava | Maintainer | Community maintained fork of Pylama, code linter for Python |
| 2018–2023 | TeXMe | Author | Self-rendering Markdown + LaTeX documents |
| 2018–2019 | Slimv | Contributor | Improved support for Screen and tmux (#66), ECL (#87), Clojure 1.5+ (#88), and Clojure on Unix/Linux (#89 and #90) |
| 2018–2018 | GitPR | Author | Reference guide on GitHub fork and pull request workflow |
| 2015–2021 | Uncap | Author | Keyboard remapper to map Caps Lock to Escape |
| 2012–2025 | MathB | Author | Mathematics pastebin with live preview of LaTeX and Markdown |
| 2010–2024 | Vimer | Author | Vim tool to open files in existing instance of GVim/MacVim |
| 2008–2025 | QuickQWERTY | Author | Touch typing tutor that runs in a web browser |
| 2007–2009 | Apache Nutch | Contributor | Authentication schemes (#559), live recrawl (#601), DoS mitigation (#044), URL filtering (#612), and crawl configuration (#735). |
| 2007–2008 | WASC Script Mapping | Contributor | Automatic creation of a comprehensive list of all XSS attack vectors across major web browsers |
| 2006–2008 | OSVDB | Contributor | Analysis of security advisories |
Publications
| 2010 |
CGI Script Source Code Disclosure in Apache for Windows
Digit Fast Track to Ethical Hacking, Volume 05, Issue 06A, Jun 2010
(PDF)
|
| 2009 |
RSA SecurBook for VMware View RSA Security Inc., Dec 2009 (PDF) |
| 2009 |
RSA SecurBook for Microsoft SharePoint RSA Security Inc., May 2009 (PDF) |
Talks
| 2021 |
Multi-Cloud Security Monitoring and CIS Benchmarks Evaluation at Scale
RSA Conference 2021
(Video)
|
| 2019 |
A Tour of Matplotlib: From Bar Charts to XKCD-Style Plots
PyCon UK 2019, Cardiff City Hall, Cardiff, UK
(Video)
|
| 2018 |
From Pylama to Pylava: Building a Community Mantained Fork of Pylama
PyCon UK 2018, Cardiff City Hall, Cardiff, UK
(Video)
|
| 2006 |
OWASP Top Ten Security Vulnerabilities
OWASP Meetup, InfyCity, Bangalore, India
(Video)
|
Security Advisories
| 2007 | HomestayFinder XSS in Wikipedia Mirror (FD) |
| 2007 | Google Re-authentication Bypass (FD) |
| 2007 | Orkut Server Side Session Management Error (FD) |
| 2006 | Apache CGI Script Source Code Disclosure (CVE-2006-4110) (BID 19447) (Bugtraq) |
| 2006 | Community Architect Guestbook XSS (CVE-2006-2003) (Bugtraq) |
| 2006 | SQL Injection in incredibleindia.org (Bugtraq) |