Hey! I’m legacv, a student at Purdue University studying cybersecurity & network engineering technology. If you’re here from a job application I sent in, you might want to read my Why me? page.

This blog is meant to host my blog posts and act as a portfolio for what I’ve done as an undergraduate (& beyond?)

My interests lie in penetration testing; I’m familiar with network and web application pentesting, and am developing an interest in ICS/SCADA systems & hardware. I’ve got my eJPT certification, as well as my Security+. In the past, I’ve worked on the InfoSec team of a medium-size organization doing application security testing, some security automation & process streamlining, phishing metric analysis, & various other projects. Currently, I’m on the cybersecurity team of a different, much larger organization, working with AWS GuardDuty (blog posts upcoming) and, hopefully, Atomic Red Team.

As an undergraduate, the research I’ve done has mostly consisted of literature reviews. I’ve co-authored a paper on GSM cracking; made a strain of ransomware; analyzed BlueKeep, EternalBlue, and DirtyCOW; and written about the application of Merton and Agnew’s Strain Theories on The Shadow Brokers and their data theft. I’ve just finished (as of May ‘25) a paper about the vulnerabilities that rehosting (or lift-and-shift) introduces into a company’s cloud environment, though I’d like to do more research on the subject.

I also run a homelab, this blog, and do various CTFs. My team placed 5th in the fall 2024 experienced bracket of NCL, 4th in the spring 2025 standard bracket of NCL, and 8th in CyberSEED 2025.

Happy to provide a resume on request, though it may not be as up-to-date as this blog. Email me at legacv@proton.me (PGP key) or DM me on Mastodon at legacv@infosec.exchange. I’m also @legacv on HackTheBox, TryHackMe, picoCTF, NCL…