Carson Fleming

Developer

Engineer

Designer

Hacker

Palantir Technologies

Software Engineer

  • Maintained, optimized, and built inside a massive microservice ecosystem using YAML, Java, Scala, and Cassandra.
  • Independently scoped, implemented, and tested large features and OKRs comprising dozens of PRs and tens of thousands of lines of code.
  • Provided on-call support for enterprise-scale Foundry data platform serving millions of users.
  • Tracked down and eliminated all known causes of data indexing failure within the Ontology offering.
  • Designed and implemented a highly scalable rearchitecture of the core Ontology Spark pipeline, rescuing a half-billion dollar contract.
Palantir

Stanford University

B.S. in Computer Science

  • Graduated in June 2023
  • Performed a Concentration in Systems
  • Studied modern cybersecurity, compiler theory, and operating systems primitives in extensive detail.
  • Built fully functional exploit reproductions, compilers, and operating system kernels in C, C++, and x86-64 assembly.
  • Developed profound expertise using GDB, including to reverse engineer binary files.
Stanford University

Neuvik Solutions

Red Team Intern

  • Wrote and deployed Terraform cloud architecture for a Capture-the-Flag activity utilized at DEFCON 30.
  • Performed red team engagements and penetration tests with Fortune 500 clients.
  • Created tools in-house tools and shell gadgets for use on deployments in JavaScript, Rust, and x86-64 assembly.
Neuvik Solutions

Komodo Health

Full Stack Engineer Intern

  • Built and tested API endpoints in Python using Django for a cloud-based medical data solution harnessed by 19 of the top 20 pharmaceutical companies globally.
  • Maintained and extended production-facing SQL pipelines and React interfaces.
Komodo Health

Medidata Solutions

Data Science Intern

  • Created an arm's-length analysis platform using Python and Pandas to aggregate restricted patient data while maintaining confidentiality.
  • Developed a scalable graph tracing method for clinical trial data accumulation.
  • Optimized cohort attribution techniques by pairing proprietary data with public statistics.
Medidata Solutions

Venafi

Network Security Intern

  • Built management applications in C++, enabling corporations to monitor security assets (SSL certificates, SSH keys) across distributed fleets.
  • Added new features, improved test coverage, and resolved major library conflicts, in a production codebase serving enterprise clients such as GEICO, CISCO, and Wells Fargo.
Venafi

Phillips Exeter Academy

High School

  • Co-head of Exeter Computing Club
  • Tech Lead of The Exonian Newspaper
  • Highest Honors (like Dean's List) all 4 years
  • Cum Laude Society member (top 20% of GPA holders)
Phillips Exeter Academy

ELF Eater

Linux x64 Virus

  • Self-replicating payload delivery gadget in x86-64 assembly, which preserves an infected program's original function.
  • Machine code is compressed down to 50% of its original size using instruction synonyms, for wider compatibility.
  • Product of deep research into the Linux kernel's ELF program loader.
  • Source will not be disclosed to the public because that would be releasing a virus. :)
ELF Eater Virus

Penguin's Kiss

Command & Control Software

  • Convenient, easy-to-use command and control framework in Python.
  • Support for multiple clients per server and mass or targeted distribution of commands.
  • Can spawn client PTY shells, capable of supporting ncurses applications like vim seamlessly.
  • End-to-end encrypted using state of the art public key cryptography and a one-time pad cipher.
  • Host signature verification based on a configurable database.
  • Support for DNS beacons.
  • Source available on GitHub.
PK Command & Control Software

DNS-CC

Command & Control Software

  • Command and control framework over the DNS protocol in NodeJS.
  • Does not require a direct connection to the host.
  • Ability to discretely transfer files into, and execute shell commands on, airgapped and/or sandboxed environments.
  • Successful research and implementation of the DNS protocol by hand.
  • Source available on GitHub.
DNS-CC Command & Control Over DNS

obf.js

Javascript Obfuscator

  • NodeJS script that obfuscates JavaScript code such that it no longer contains alphanumeric characters.
  • Perfectly preserves the obfuscated code's original function.
  • 30-50x message expansion on obfuscation.
  • Implementation of an idea I saw on YouTube.
  • Source available on gist.
obf.js Javascript Obfuscator

Bulletin

Job Marketplace

  • Full-featured odd jobs marketplace platform for student workers, written in PHP and MySQL.
  • Workers can see job postings, apply to ads, and read reviews to ensure employers are trustworthy.
  • Employers can build profiles to improve their credibility, post job offerings, and select from a pool of applicants.
  • Once jobs are completed, both parties leave a satisfaction rating and optional review.
  • Source available on GitHub.
  • A notional demo instance is run at cflems.io.
Bulletin

Hello!

  • I grew up in Palo Alto, California, and currently live in New York.
  • I have been developing applications in *nix environments for over twelve years.
  • My expertise includes but is not limited to systems programming, GNU utils/scripting, data science, and algorithm design.
  • I have done full stack professionally, but backend is what I most enjoy. I will not pursue a pure-frontend role.
  • I seek work that makes a positive difference in the world.
Me :)

Reach out to [email protected] if you'd like to get in touch.

Use my PGP key (fingerprint: 7CC5FC9F) for end-to-end encryption if you value your privacy.

Privacy-focused clients like ProtonMail and Thunderbird will find this automatically.