I'm a full-stack developer and cybersecurity professional who bridges the gap between secure coding practices and threat analysis. Currently pursuing my Computer Science degree at MSU Denver (graduating Spring 2026), I build robust applications while maintaining a security-first mindset.
π¬ Current Research: Conducting honors thesis on multi-agent LLM security vulnerabilities, developing an open-source testing framework for bili-core that enables systematic security evaluation of AI agent systemsβaddressing prompt injection, jailbreak attacks, checkpoint poisoning, and bias amplification.
- π Building Vulnerable Web Application - Flask app with intentional security flaws + secure refactor
- π€ Developing Multi-Agent AI Security Testing Framework - Python framework for automated LLM security testing
- π± Learning Web Application Security & Advanced Penetration Testing
- π Cybersecurity Competitions: MWCC 2023/2024, RMCDCC 2025
- πΌ Working at The Sustainability Hub - NSF-funded program making Colorado's environmental data accessible through a specialized RAG chatbot
- π Researching Multi-agent AI Security, Prompt Injection Attacks, LLM Vulnerabilities
Developing an extensible security testing framework for multi-agent AI systems:
Research Focus:
- π― Checkpoint Architecture Vulnerabilities - Attack vectors exploiting state persistence
- π Cross-Model Attack Persistence - Security vulnerabilities across different LLM providers
- π» Code Security Analysis - CWE pattern identification in LLM-generated code
- π§ Memory Management Security - Resilience against injection and poisoning attacks
- π Security Framework Development - Guidelines for production multi-agent systems
Key Contributions:
- Open-source multi-agent testing framework for bili-core
- Systematic vulnerability analysis across five attack dimensions
- Empirical security evaluation methodology
- Organizational security guidelines for AI deployment
Python framework using multiple LLM agents for automated security testing
- Multiple agent roles: attacker, defender, analyzer
- Automated security test generation and analysis
- Integration with security tools and APIs
- Direct application of honors thesis research
- Tech Stack: Python, LangChain, OpenAI/Anthropic APIs, pytest
Flask application demonstrating common vulnerabilities and secure remediation
- Intentional vulnerabilities: SQL injection, XSS, insecure file upload, weak sessions
- Comprehensive security documentation for each vulnerability
- Proof-of-concept exploits with code examples
- Secure refactored version with fixes
- Before/after security comparison report
- Tech Stack: Flask, Python, SQLAlchemy, PostgreSQL
Comprehensive security assessment of intentionally vulnerable application
- Full PTES/OWASP methodology implementation
- Executive summary and technical findings
- CVSS severity ratings and risk analysis
- Proof-of-concept exploit demonstrations
- Detailed remediation recommendations
- Target: DVWA/WebGoat/OWASP Juice Shop
- Software Development roles with security focus
- Cybersecurity Engineering positions
- Cybersecurity Analyst positions
- AI/ML Security Research opportunities
- DevSecOps opportunities
- Application Security positions
- Entry-Level Penetration Testing positions
- Security Research & Development
