scott j roberts
intelligentsia in training, network security ninja, pancake visionary, former mixtape master, failed fashionista, bad guy catcher @github
My Twitter Stream- My GitHub
- My LinkedIn
- My Instagram
- Goodreads
- Contact Me
-
Tweets
- Wine and cheese night... [pic] — http://t.co/9arjTHcHel
- @evejou In the battle for hearts and minds the ammunition is tweets. #sadbuttrue
- @A_Tina23 Preach! ⛪
- Watching the lacrosse team I helped start 12 years ago play in districts. Feeling old. http://t.co/yEJGUwSbEo
- @kylemaxwell Is it? I’m pretty sure that’s just the axiomatic definition of intelligence.
- @TroegsBeer I didn’t even know this, but I was already on my way over to have one.
- @bkeepers Just use -f on everything, that works for me most of the time.
- RT @BiIIMurray: I’ve got 99 problems and 86 of them are completely made up scenarios in my head that I'm stressing about for absolutely no …
- Reading through Practical Malware Analysis and would love a “study buddy”. Thinking two chapters a week, collab via email/@github. Takers?
- @kylemaxwell @mkonda Sounds like there was a lot of bourbon if you’re admitting crazy stuff like that.
- @mkonda That @kylemaxwell is just too kind.
- @ktneely I did consider adding a scotch, should have. Creme brûlée might have been too heavy for reversing, more of a OSINT dessert. 😜
- Sitting on my front porch, smoking a good cigar, reading about reversing malware. It’s hard to imagine anything more peaceful right now.
- @A_Tina23 I think we’ve all had that dream. Also add “Airplane seats I actually fit in”.
- @NateSestina23 I look forward to my tshirt and welcome packet next time we head up to Empo.
- @mattjay And was I correct?
- @NateSestina23 Belated wishes man. I didn’t want to show up K by sending them before her. Happy 16th!!! 🎂
-
Repositories
- Presentation on applying the open-collaboration philosophy to the process of governing/ Pushed May 09, 13
- The Sleuth Kit (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence./ Pushed Apr 08, 13
- / Pushed Mar 21, 13
- A set of templates for documenting threat intelligence2 forks / 1 watcher / Pushed Feb 28, 13
- A tool to retrieve malware directly from the source for security researchers.1 watcher / Pushed Feb 07, 13
- / Pushed Feb 05, 13
- Graph-theoretical investigation of a corpus of malware obtained from the web/ Pushed Jan 28, 13
- A script & now Cocoa app for generating two word code phrases... for stuff.3 watchers / Pushed Jan 01, 13
- ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.1 fork / Pushed Dec 21, 12
- The Textmate bundle I created for writing and editing Snort rules.3 watchers / Pushed Nov 14, 11
- A quick script for carving relevent slices of PCAP for analysis I used at Defcon CTF 2010.1 fork / 3 watchers / Pushed Jul 17, 11
- A quick little script for capturing network activity using tcpdump.1 watcher / Pushed Jul 14, 11
- The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.48 forks / 73 watchers / Pushed May 18, 13
- codesake dawn is the static analysis engine for ruby powered web applications used in codesake.com application security portal10 watchers / Pushed May 17, 13
- Malformity is a Maltego project based on the Canari framework for malicious binary and infrastructure research.4 forks / 17 watchers / Pushed May 16, 13
- Source for the w3af web application attack and audit framework, the open source web vulnerability scanner.40 forks / 79 watchers / Pushed May 16, 13
- 4 forks / 13 watchers / Pushed May 14, 13
- 2 forks / 22 watchers / Pushed May 10, 13
- A community-driven framework for managing your zsh configuration. Includes 120+ optional plugins (rails, git, OSX, hub, capistrano, brew, ant, macports, etc), over 120 themes to spice up your morning, and an auto-update tool so that makes it easy to keep up with the latest updates from the community.3769 forks / 9983 watchers / Pushed May 09, 13
- The exceptionally handsome dashboard framework in Ruby and Coffeescript.299 forks / 4132 watchers / Pushed May 09, 13
- A tool to retrieve malware directly from the source for security researchers.7 forks / 31 watchers / Pushed May 04, 13
- A demonstrator for Sinatra and Twitter's Bootstrap34 forks / 87 watchers / Pushed Apr 28, 13
- A network sniffer that logs all DNS server replies for use in a passive DNS setup11 forks / 111 watchers / Pushed Apr 24, 13
- Python Scripts for use with Hopper Disassembler6 forks / 65 watchers / Pushed Apr 10, 13
- 7 forks / 96 watchers / Pushed Mar 26, 13
- A Tool To Leverage Virus Total's Private API Key1 fork / 5 watchers / Pushed Mar 25, 13
- Scripts for manipulating and using OpenIOC format IOC's3 forks / 8 watchers / Pushed Feb 19, 13
- Graph-theoretical investigation of a corpus of malware obtained from the web3 forks / 6 watchers / Pushed Feb 10, 13
- Cuckoo Sandbox Local Maltego Transforms Project2 forks / 5 watchers / Pushed Feb 09, 13
- G-Yara is a Web Base (PHP) yara rule editor. It's a handy way to test yara rule as you write them.1 fork / 7 watchers / Pushed Dec 05, 12
- Presentation for Drupal4Gov -- 8/29/20122 forks / 2 watchers / Pushed Oct 19, 12
- cymruwhois is a simple Ruby module that utilizes Team Cymru's IP to ASN Mapping via DNS queries. The module was conceived as an IP geolocation alternative to GeoIP.3 watchers / Pushed Mar 04, 12
- virustotalapi is a Ruby module that interfaces with the VirusTotal API via HTTP POST and JSON responses.1 fork / 3 watchers / Pushed Sep 11, 11
- Ruby bindings for the yara file analysis and classification library10 watchers / Pushed Aug 26, 11
-
Info
- Bad Guy Catcher at GitHubComputer & Network Security | Harrisburg, Pennsylvania Area, USSummary
I am a full time Bad Guy Catcher for GitHub Inc. I act as a subject matter expert on network security monitoring, incident response, and threat intelligence.
I am also completing my degree at Penn State University majoring in Information Science and Technology with a focus on System Design and Development with an Information Assurance option, completing my degree part time through independent research.
Specialties: Network security, Unix Client Security, Unix Server Security, Windows Client Security, Active Directory, Group Policy, Vulnerablity Assessments, Network Auditing, Host Auditing, Wireless Auditing.Experience- Nov 2012 - PresentBad Guy Catcher / GitHub
Keeping source code safe by whatever means necessary.
- Feb 2012 - Nov 2012Senior Intelligence Specialist / Vigilant, LLC
- 2010 - Dec 2011SOC Technical Lead / ManTech International
- Jun 2008 - Mar 2010Security Consultant / Mandiant
- Jan 2007 - Jun 2008Threat Analyst: Managed Security Services / Symantec
- Conducting threat analysis for Symantec global Managed Security Services three primary teams, spanning 450+ enterprise customers, spread over four contents, ranging from Financial Services to National Infrastructure.
- Providing documentation, research analysis, handling instructions, as well as customer facing reports and analysis.
- Functional conduit between regional analysis teams and Symantec’s world wide information security intelligence group, Deepsight, conducting specific customer and industry analysis to support Deepsight research and findings.
- Architecting redesign of the Security Operations Center Technology Platform, including key initiatives, in support of creating a new world class analysis console and back end.
- Leading the effort to redevelop six week security analyst training curriculum to develop trainee analysts to deal with cutting edge threats. - Apr 2006 - Jan 2007Security Analyst: Managed Security Services / Symantec
- Performed advanced network threat analysis, validating attacks and accessing impact for Fortune 500 and private enterprise clients of various industries.
- Provided appropriate tactical and strategic recommendations to clients for incident remediation and proactively preventing future attacks.
- Collaborated with client security teams, third party consultants, and Symantec in-house engineering to implement recommended security countermeasures.
- Researched current vulnerabilities, attacks, and appropriate countermeasures, as well as producing internal documents to educate other analysts. - Oct 2004 - Apr 2006Curriculum Designer / Penn State University's NSA Center for Information Assurance Excellence
- Created teaching materials, focused on hand on laboratory exercises, to be used in Information Security classes under a grant from the National Science Foundation.
- Proctored lab sessions using these exercise, providing guidance and extending the educational experience for students.
- Completed multiple accepted, juried research papers submitted to various Academic Information Security Conferences. - Jun 2005 - Aug 2005Network Security Intern / The Hershey Company
This was my third summer with Hershey and a very different experince from the previous two. This summer I spent much of my time working more as a Security Architect than a Security Analyst, focusing my time on writing new policies, evaluating new technologies, and helping to prepare Hershey for current and upcoming threats. I also worked on increasing our utilization of current investments and auditing our current technologies and practices.
- May 2004 - Aug 2004Intern Information Security Analyst / Hershey Foods Corporation
Focused primarily on desktop specific issues. Extensive time spent on systems auditing and hardening, policy compliance, investigations and forensics, wireless exposure testing, and technology evaluation. Also deeply involved in document creation, creating security summaries, position papers, threat analyses for executive management, and other technical writing tasks.
Education-
2011 - 2012Penn State UniversityBS in Information Science & Technology
-
2004 - 2006Penn State UniversityB.S. in Information Science and Technology: System Design and Development
-
2003 - 2003University of Maryland Baltimore CountyBS in Computer Science
-
2002 - 2003Shippensburg University of PennsylvaniaBS in Computer Science
Activities: Student Researcher in collaboration with facility, Programming Team member
Additional Information-
Websites:
-
Honors:•GIAC Certified Incident Handler (GCIH) •Holder of the DoD NSTISSI No. 4011: Information Systems Security Professional Certification. •Paper Review Committee Member - 10th & 11th Colloquium for Information System Security Education.
-
Interests:Cyber Threat Intelligence, Intelligence Driven Network Security Monitoring, Exploit Techniques and Defense, Information Assurance Teaching and Training, Information Warfare & Espionage
-
Photos
-
Reading
