I'm a penetration tester at BAE Systems Applied Intelligence, where I've been lucky enough to have some incredible mentors in App/Infra testing, OSINT, Incident Response, Lock Picking, Bug Hunting and Social Engineering (still learning, mostly.)

My passion for all things hacking started when I was in high school and I quickly fell in love with the InfoSec Community. I try and dedicate as much time as I can to helping those at a fork in the road follow the right path and discover the opportunities and money that comes with acting ethically.

My areas of interest lie in Open-Source Intelligence, Drone Security and Threat Intelligence. I've also written a thesis on 'gamification in IT Security: A CTF approach' due to my absolute love for all things Capture-The-Flag (CTF) and wargames.

In Melbourne, you can most likely find me at SecTalks or working at DroneSec - feel free to get in touch if you'd like any more information about either of those, or have a chat in general.

+++++++++++ WORK EXPERIENCE +++++++++++

Lead Developer
Tinnitus Information Services
LocationLondon, United Kingdom
Was the lead developer at Tinnitus IS, using JavaScript, Ubuntu and all the coolest NoSQL technologies like MongoDB and used NodeJS heeeeaaaaaaps, pretty much master programmer there for their projects.

Some projects included:

ELFonashelf: A unique way of storing unix ELF binaries on Solaris Zones without any loss in permissions or filesize.

Snax: Snax has been hailed as an "on-the-fly URL encoder" (source: the interwebz) for creating XSS payloads. Result of inadequate B.Suite encoder. Project was soon integrated within Tinnitus core development systems (hell yeah NodeJS + XSS encoders!), where it would have made production if Karl hadn't kept taking my milk without asking.

You can view the project code on github here:


InstaFW: This was a project I made to help system admins defend their network in the event of an intrusion. Basically when it detects malware it provides a warning to the user to grab scissors and the exact location on the Ethernet cable where to cut. Project didn't make stable release because the demo's ended up never working....

: Th project was a result of when the , which means our systems were . Code is not available as its a sensitive project but elements can be provided with a warrant or a couple drinks at Ruxcon.