I want to work with you to make sure your programs, your people, and your company are secure. I'm available for a daily rate to look over your protocol designs, software implementations, and for consulting to help you keep your business secure. To give back to the community, I substantially reduce my rate for published free or open source software (GPL, BSD, CC0, etc.) as well as open-access research.
What I can do:
- Evaluate the design and implementation of cryptography software.
- Check web code for XSS, SQL injection, session, password hashing, etc. vulnerabilities.
- Find memory corruption bugs in C and C++ code.
- Write proof-of-concept exploits for vulnerabilities.
- Verifying vulnerability fixes.
- Train your developers and staff.
Here are some examples of my security auditing work: