Security Research

Skills honed through hobby projects and professional engagements, specializing in reverse engineering bot detection systems

Advanced Bot Detection

Imperva Incapsula Bypass

Cracked Imperva's reese84 cookie generation by reconstructing their entire client-side validation flow from obfuscated code.

TECHNIQUES USED:

Babel AST parsingJSDOM environmentTLS spoofingDevice fingerprints
JavaScript Deobfuscation

PerimeterX Deobfuscator

Built a deobfuscator for PerimeterX's heavily protected JavaScript that reveals their behavioral tracking and WASM integration.

TECHNIQUES USED:

AST transformationControl flow analysisString decryptionWASM disassembly

Browser Fingerprint Scanner

Demonstrating browser fingerprinting techniques used by bot detection systems. Your browser reveals more information than you might think.

Hi, I'm Jay

Security Researcher • Reverse Engineer

I dissect bot detection systems and analyze obfuscated code to understand how modern web defenses work. My research focuses on responsible disclosure, improving defensive security, and developing evasive web scraping techniques.

Security Research

Areas of expertise in offensive security and reverse engineering

Web Application Security

Identifying and exploiting vulnerabilities in modern web apps, from XSS to authentication bypasses.

OWASP Top 10Burp SuiteAPI TestingJWT Attacks

Bot Detection & Evasion

Reverse engineering anti-bot systems like PerimeterX, DataDome, and custom fingerprinting solutions.

JS DeobfuscationTLS FingerprintingBrowser AutomationSensor Data Spoofing

Reverse Engineering

Analyzing obfuscated JavaScript, compiled binaries, and encrypted protocols to understand hidden functionality.

IDA ProGhidraDevToolsAST Analysis

API Security Testing

Finding and exploiting API vulnerabilities, from broken authentication to excessive data exposure.

GraphQL InjectionRate Limiting BypassIDORAPI Fuzzing
50+
Vulnerabilities Found
100+
Systems Analyzed
15+
Fingerprints Bypassed
200+
APIs Tested

Quick Facts

Get to know the person behind the code

Location

Berea, Ohio

remote-first

Tools

IDA Pro, Ghidra, Burp

reverse engineering

Languages

JS, Python, Go

full-stack development

Focus Areas

Anti-Bot Systems, Reverse Engineering

security researcher

Jay - Full Stack Developer

Research Highlights

Bot Detection Systems Bypassed1
JS Deobfuscated15+
Tools Developed1
"Don't worry about failure; you only have to be right once."

- Drew Houston, CEO of Dropbox

My Skills

Technologies and tools I use to bring ideas to life

Tools Knowledge & Experience

Ghidra50%
Chrome DevTools100%
Frida85%
Burp Suite100%

Bot Detection Bypassed

Imperva/Incapsula100%
PerimeterX50%

Programming Languages

JavaScript/TypeScript100%
Java100%
Go50%

Fingerprinting Techniques

Canvas Fingerprinting100%
WebGL Analysis100%
Audio Context100%
TLS/JA3 Fingerprinting100%

Tools & Technologies

Burp Suite
Wireshark
Git
Docker

Continuous Research

Security evolves constantly as new detection methods emerge. I actively research the latest bot detection systems, analyze new obfuscation techniques, and try to develop novel bypass methods. I focus on understanding and documenting these systems to learn how the battle field is changing every day

JavaScript DeobfuscationTLS FingerprintingBrowser AutomationCaptcha SolvingRequest Forgery

My Experience

A timeline of my professional journey and education

Work Experience

Software Engineer

Metrosmoke

06/2024 - Present
Brookpark, OH

Shopify-backed POS & warehouse flow, built for real-time ops. The challenge? Price & inventory updates lagged and paper pick-lists caused errors during rush hours. I rebuilt the product sync around Shopify's APIs, designed a lightweight picking UI, and containerized everything with one-click deploys. Now releases happen whenever we need them, updates feel instant at the register, and picking accuracy has noticeably improved. Docker + Git-based CI/CD means rollbacks take minutes, not hours.

ReactNode.jsShopify APIsDockerGitCI/CD
Work Experience

Network Engineer

Oxheberg LLC

01/2023 - 06/2024
Remote

Kept a small KVM fleet stable under pressure. When spiky traffic led to resource contention and crypto-mining attempts started appearing, I stepped up to tune the KVM hosts and harden our iptables rules. Built DDoS-resistant firewall policies with traffic shaping, created playbooks for incident response, and set up monitoring to catch anomalies early. The result? Fewer incidents, faster remediation, and predictable performance for production workloads.

KVMLinuxiptablesNetwork SecurityDDoS Mitigation
Education

B.S. in Computer Science (Cybersecurity Focus)

Ohio State University

Expected 06/2027
Columbus, OH

Diving deep into the academic side of cybersecurity while actively applying concepts to real-world bot detection challenges. Currently tackling Software Development I & II alongside Linear Algebra through remote learning. What makes this interesting is how theoretical concepts from class directly inform my security research - understanding data structures helps me reverse engineer obfuscated code, while algorithm analysis improves my approach to bypassing detection systems.

CybersecuritySoftware EngineeringLinear AlgebraData StructuresAlgorithms

My Spotify 🔥

Real-time Spotify API integration showcasing currently playing tracks and listening history. A live demonstration of OAuth authentication and REST API consumption.

Not currently listening to anything

Recently Played

Loading Spotify data...

Get In Touch

Send a Message

Contact Information

Email
hi@madebyjay.dev
Phone
+1 (609) 510-6558
Location
Berea, Ohio
Resume
Download PDF

Social Links