Carson Fleming

Nice to meet you!

I'm Carson.

I grew up in Palo Alto, California, and have been developing applications in Unix-like environments for over twelve years now.

My expertise includes, but is not limited to: Systems Programming, Distributed Computing, Data Sicence, GNU Utils/Scripting, and Algorithm Design.

• Systems Programming
• Distributed Computing
• Data Science
• GNU Utils and Scripting
• Algorithm Design

I have done full stack development professionally, but the backend is where I feel most comfortable.

Currently I'm living in New York, and revolutionizing the social climate with 222.

222 Place

Backend Engineer

De-alienating the Social Media Millenium.

Palantir Technologies

Software Engineer

• Maintained, optimized, and built inside a massive microservice ecosystem using YAML-defined REST APIs, Java, Scala, and Cassandra.
• Independently scoped, implemented, and tested large features and OKRs comprising dozens of PRs and tens of thousands of lines of code.
• Provided on-call support for enterprise-scale Foundry data platform serving millions of users.
• Tracked down and eliminated all known causes of data indexing failure within the Ontology offering.
• Designed and implemented a highly scalable rearchitecture of the core Ontology Spark pipeline, rescuing a half-billion dollar contract.

Stanford University

B.S. in Computer Science

• Graduated in June 2023
• Performed a Concentration in Systems
• Studied modern cybersecurity, compiler theory, and operating systems primitives in extensive detail.
• Built fully functional exploit reproductions, compilers, and operating system kernels in C, C++, and x86-64 assembly.
• Developed profound expertise using GDB, including to reverse engineer binary files.

Neuvik Solutions

Red Team Intern

• Wrote and deployed Terraform cloud architecture for a Capture-the-Flag activity utilized at DEFCON 30.
• Performed red team engagements and penetration tests with Fortune 500 clients.
• Created tools in-house tools and shell gadgets for use on deployments in JavaScript, Rust, and x86-64 assembly.

Komodo Health

Full Stack Engineer Intern

• Built and tested API endpoints in Python using Django for a cloud-based medical data solution harnessed by 19 of the top 20 pharmaceutical companies globally.
• Maintained and extended production-facing SQL pipelines and React interfaces.

Medidata Solutions

Data Science Intern

• Created an arm's-length analysis platform using Python and Pandas to aggregate restricted patient data while maintaining confidentiality.
• Developed a scalable graph tracing method for clinical trial data accumulation.
• Optimized cohort attribution techniques by pairing proprietary data with public statistics.

Venafi

Network Security Intern

• Built management applications in C++, enabling corporations to monitor security assets (SSL certificates, SSH keys) across distributed fleets.
• Added new features, improved test coverage, and resolved major library conflicts, in a production codebase serving enterprise clients such as GEICO, CISCO, and Wells Fargo.

Phillips Exeter Academy

High School

• Co-head of Exeter Computing Club
• Tech Lead of The Exonian Newspaper
• Highest Honors (Dean's List equivalent) all 4 years
• Cum Laude Society member (top 20% GPA at graduation)

ELF Eater

Linux x64 Virus

• Self-replicating payload delivery gadget in x86-64 assembly, which preserves an infected program's original function.
• Machine code is compressed down to 50% of its original size using instruction synonyms, for wider compatibility.
• Product of deep research into the Linux kernel's ELF program loader.
• Source will not be disclosed to the public because that would be releasing a virus. :)

Penguin's Kiss

Command & Control Software

• Convenient, easy-to-use command and control framework in Python.
• Support for multiple clients per server and mass or targeted distribution of commands.
• Can spawn client PTY shells, capable of supporting ncurses applications like vim seamlessly.
• End-to-end encrypted using state of the art public key cryptography and a one-time pad cipher.
• Host signature verification based on a configurable database.
• Support for DNS beacons.
• Source available via GitHub git.

DNS-CC

Command & Control Software

• Command and control framework over the DNS protocol in NodeJS.
• Does not require a direct connection to the host.
• Ability to discretely transfer files into, and execute shell commands on, airgapped and/or sandboxed environments.
• Successful research and implementation of the DNS protocol by hand.
• Source available via GitHub git.

obf.js

Javascript Obfuscator

• NodeJS script that obfuscates JavaScript code such that it no longer contains alphanumeric characters.
• Perfectly preserves the obfuscated code's original function.
• 30-50x message expansion on obfuscation.
• Implementation of an idea I saw on YouTube.
• Source available on gist war.

Bulletin

Job Marketplace

• Full-featured odd jobs marketplace platform for student workers, written in PHP and MySQL.
• Workers can see job postings, apply to ads, and read reviews to ensure employers are trustworthy.
• Employers can build profiles to improve their credibility, post job offerings, and select from a pool of applicants.
• Once jobs are completed, both parties leave a satisfaction rating and optional review.
• Source available via GitHub git.
• A notional demo instance is run at cflems.io.