Bryan Halfpap is a Principal Security Engineer with 13 years of offensive and defensive security experience, currently leading Application Security, Vulnerability Management, and Offensive Security at CoreWeave. He combines hands-on penetration testing and exploit development with automation and infrastructure-as-code to secure CI/CD pipelines and production services. His background spans radio and protocol reverse engineering, malware and C2 development, and web application security, evidenced by contributions to the KillerBee ZigBee toolkit and a DNS MITM/rebinding server on GitHub. Bryan excels at rapidly prototyping technical solutions, scaling red-team infrastructure (reducing prep times from hours to minutes), and translating complex findings into actionable guidance for engineering teams. He’s comfortable across languages and stacks—from Python and C to Django and PostgreSQL—and prefers fast-moving environments where experimentation drives security improvements. An operator at heart, he once attempted a drone-hacking product and continues to bridge low-level radio research with large-scale application security programs.
A regular-expression based python MITM DNS server with support for DNS Rebinding attacks
Role in this project:
Back-end Developer
Contributions:80 commits, 20 PRs, 75 pushes in 7 years 10 months
Contributions summary:Bryan primarily focused on developing the backend logic for a DNS MITM server. They implemented features like multi-threading to improve throughput and added support for various DNS record types (A, AAAA, TXT, PTR, CNAME, and MX). The user also introduced class-based structures and incorporated a proxy mechanism for forwarding unmatched DNS requests. Their work resulted in improved functionality and a more robust and extensible DNS server.
Contributions:27 commits, 4 PRs, 17 comments in 2 years 6 months
Contributions summary:Bryan contributed to the KillerBee security research toolkit by addressing bugs and adding new functionality. They fixed an issue with the RZUSBStick device, ensuring proper device reset after use. They also updated the setup file to include new tools, and added dependencies for the Scapy library to support the tools that utilize it. Additionally, the user corrected a typo and fixed a length check.
security-researchsecurityieee-802-15-4zigbeeieee
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Bryan Halfpap - Principal Security Engineer at CoreWeave