Carson Fleming
Developer
Engineer
Designer
Hacker
Software Engineer
Maintained, optimized, and built inside a massive microservice ecosystem using YAML, Java, Scala, and Cassandra.
Independently scoped, implemented, and tested large features and OKRs comprising dozens of PRs and tens of thousands of lines of code.
Provided on-call support for enterprise-scale Foundry data platform serving millions of users.
Tracked down and eliminated all known causes of data indexing failure within the Ontology offering.
Designed and implemented a highly scalable rearchitecture of the core Ontology Spark pipeline, rescuing a half-billion dollar contract.
B.S. in Computer Science
Graduated in June 2023
Performed a Concentration in Systems
Studied modern cybersecurity, compiler theory, and operating systems primitives in extensive detail.
Built fully functional exploit reproductions, compilers, and operating system kernels in C, C++, and x86-64 assembly.
Developed profound expertise using GDB, including to reverse engineer binary files.
Red Team Intern
Wrote and deployed Terraform cloud architecture for a Capture-the-Flag activity utilized at DEFCON 30.
Performed red team engagements and penetration tests with Fortune 500 clients.
Created tools in-house tools and shell gadgets for use on deployments in JavaScript, Rust, and x86-64 assembly.
Full Stack Engineer Intern
Built and tested API endpoints in Python using Django for a cloud-based medical data solution harnessed by 19 of the top 20 pharmaceutical companies globally.
Maintained and extended production-facing SQL pipelines and React interfaces.
Data Science Intern
Created an arm's-length analysis platform using Python and Pandas to aggregate restricted patient data while maintaining confidentiality.
Developed a scalable graph tracing method for clinical trial data accumulation.
Optimized cohort attribution techniques by pairing proprietary data with public statistics.
Network Security Intern
Built management applications in C++, enabling corporations to monitor security assets (SSL certificates, SSH keys) across distributed fleets.
Added new features, improved test coverage, and resolved major library conflicts, in a production codebase serving enterprise clients such as GEICO, CISCO, and Wells Fargo.
High School
Co-head of Exeter Computing Club
Tech Lead of The Exonian Newspaper
Highest Honors (like Dean's List) all 4 years
Cum Laude Society member (top 20% of GPA holders)
ELF Eater
Linux x64 Virus
Self-replicating payload delivery gadget in x86-64 assembly, which preserves an infected program's original function.
Machine code is compressed down to 50% of its original size using instruction synonyms, for wider compatibility.
Product of deep research into the Linux kernel's ELF program loader.
Source will not be disclosed to the public because that would be releasing a virus. :)
Penguin's Kiss
Command & Control Software
Convenient, easy-to-use command and control framework in Python.
Support for multiple clients per server and mass or targeted distribution of commands.
Can spawn client PTY shells, capable of supporting ncurses applications like vim seamlessly.
End-to-end encrypted using state of the art public key cryptography and a one-time pad cipher.
Host signature verification based on a configurable database.
Support for DNS beacons.
Source available on GitHub .
DNS-CC
Command & Control Software
Command and control framework over the DNS protocol in NodeJS.
Does not require a direct connection to the host.
Ability to discretely transfer files into, and execute shell commands on, airgapped and/or sandboxed environments.
Successful research and implementation of the DNS protocol by hand.
Source available on GitHub .
obf.js
Javascript Obfuscator
NodeJS script that obfuscates JavaScript code such that it no longer contains alphanumeric characters.
Perfectly preserves the obfuscated code's original function.
30-50x message expansion on obfuscation.
Implementation of an idea I saw on YouTube.
Source available on gist .
Bulletin
Job Marketplace
Full-featured odd jobs marketplace platform for student workers, written in PHP and MySQL.
Workers can see job postings, apply to ads, and read reviews to ensure employers are trustworthy.
Employers can build profiles to improve their credibility, post job offerings, and select from a pool of applicants.
Once jobs are completed, both parties leave a satisfaction rating and optional review.
Source available on GitHub .
A notional demo instance is run at cflems.io .
Hello!
I grew up in Palo Alto, California, and currently live in New York.
I have been developing applications in *nix environments for over twelve years.
My expertise includes but is not limited to systems programming, GNU utils/scripting, data science, and algorithm design.
I have done full stack professionally, but backend is what I most enjoy. I will not pursue a pure-frontend role.
I seek work that makes a positive difference in the world.