Jon Hart is a Principal Security Researcher with over 13 years of hands-on experience crafting large-scale internet scanning, vulnerability research, and security automation at Rapid7. He blends deep operational and development expertise—especially in Ruby—with a track record of improving detection tooling and automating over 100,000 vulnerability checks and Internet-scale data collection through Project Sonar. An active open-source contributor, Jon has enhanced core tools like Metasploit and ZMap, improving scanner fidelity, logging, and sharding for high-performance scans. He pairs sharp analytical troubleshooting with leadership in building and mentoring teams, and quietly sustains long-running research efforts under the moniker spoofed.org. Based in Bakersfield, CA, he brings a pragmatic, systems-first approach to making complex environments more reliable, observable, and secure.
13 years of coding experience
9 years of employment as a software developer
BS Computer Science, BS Computer Science at Northeastern University
Pattern recognition for hosts, services, and content
Role in this project:
Back-end Developer & QA Engineer
Contributions:27 releases, 785 commits, 192 PRs in 4 years 10 months
Contributions summary:Jon primarily contributed to improving the testing coverage and quality of the `recog` library. They added and enhanced RSpec tests to verify the accuracy of regular expressions, extraction logic, and handling of various XML and data inputs. The contributions involved implementing checks for correct parameter values and ensuring proper interpolation within the library's functionality. Furthermore, the user improved the `recog_verify` tool to support validation of multiple files.
Contributions:903 commits, 103 PRs, 39 pushes in 5 years 10 months
Contributions summary:Jon primarily contributed to the Metasploit Framework, focusing on enhancing and refining existing functionality. The contributions involved improving auxiliary scanner modules for network services like mDNS and rsync. These changes resulted in better output, improved logging, and more accurate identification of vulnerabilities, demonstrating a focus on improving the framework's capabilities. The user also made several bug fixes and performed cleanup by removing duplicated methods.
metasploitmetasploit-framework
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Jon Hart - Principal Security Researcher at Rapid7