Arcane bug-hunting braggart
Brian Carpenter is a passionate security researcher. But don’t take my word for it. Read what the Internet has to say about the one and only geeknik: “Self-starter” “highly motivated”
“offers anyone lucky enough to snag him with a couple of decades of experience”
“an open source aficionado” “creator of a healthy and robust network of like minded folks”
“if the code exists, he’s probably fuzzed it” Contact:
https://hackerone.com/geeknik/resume Key Accomplishments
• Responsible disclosure of flaws in FOSS resulting in the assignment of 100+ CVE (Curl, PHP, OpenSSL, Perl, Firefox, PHPMyAdmin, MantisBT, tcpdump, libpng and more!)
• Hacked the US Air Force, the US Army and the US Marine Corps!
• Recognized by dozens of Fortune 50, 100, 500 companies for the responsible disclosure of security flaws affecting their websites, networks and software.
• TIME Person of the Year 2006
• Knowledge of multiple languages, but master of none: Pascal, C, C++, Python, Ruby, Perl, Bash, etc.
• Many years of experience crashing and debugging C and C++ applications (QA, triage)
• Ability to properly fuzz C, C++, Ruby, Perl, PHP , Go and Rust apps and get results
• Knowledge of multiple operating systems: Linux, *BSD, Window$ Key Positions
• Geeknik Labs (1999 – Present) - Owner / Security Researcher:
- Built open-source Android Kernels for the Samsung Fascinate
- Participates on the Hacker0x01 platform hunting bugs (Top 150 overall, #1 Mapbox)
- Administered Linux and FreeBSD servers for various clients
- Hardened OpenVPN, Nginx (HTTP/2, TLS) and Apache (TLS) for various clients
- Fuzzed thousands of open source applications resulting in many, many, many bug reports • OpenDNS.com (pre-Cisco, 2011 – 2013) - Remote System Administrator:
- Monitored, troubleshooted and resolved issues with a world-wide network of DNS resolvers
- Zero downtime during my tenure while we served >50,000,000,000 daily DNS requests
- Rolled out a new corporate VPN using dual Juniper SA2500s w/ load balancing & failover
- Improved the corporate backup system for both dev and production using Zmanda