Joshua Rogers is an OSS AI security researcher and pragmatic hacker with ~11 years of professional experience and over a decade of hands-on offensive security practice. He blends deep systems and vulnerability expertise (AFL++, Metasploit contributions) with product-minded engineering, having re-architected global infrastructure and led incident response and detection programs at Opera. Comfortable across C/C++/Python/PHP and low-level tooling, he prioritizes material, real-world risk over checkbox compliance and builds pragmatic fixes and automation rather than reports. An all-rounder and self-starter, he pairs applied mathematics and film studies to bring creative, culture-jamming approaches to security research and tooling. Notably, his open-source work includes improving LeakSanitizer integration for AFL++ and developing Metasploit PoCs for high-profile CVEs, demonstrating impact across community tools and enterprise defenses.
11 years of coding experience
9 years of employment as a software developer
Bachelor of Arts (B.A.) Film/Cinema/Video Studies, Bachelor of Arts (B.A.) Film/Cinema/Video Studies at Swinburne University of Technology
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
Role in this project:
Security Engineer
Contributions:5 reviews, 8 commits, 3 PRs in 9 months
Contributions summary:Joshua focused on enhancing the security aspects of the AFL++ fuzzer, specifically integrating and refining LeakSanitizer (LSAN) functionality. Their contributions involved introducing LSAN support, modifying the compilation process to incorporate LSAN checks, and adjusting environment configurations to handle LSAN errors effectively. The user also corrected typos and improved the overall clarity and accuracy of the LSAN implementation.
Contributions:5 reviews, 13 commits, 2 PRs in 1 year 2 months
Contributions summary:Joshua contributed to the Metasploit Framework by developing and documenting a proof-of-concept (PoC) exploit for a Squid proxy server denial-of-service vulnerability (CVE-2021-31806 and CVE-2021-31807). The contributions include the Ruby-based module and documentation for its usage, testing, and potential impact. The user also updated the module to use HttpClient, improved code style, and integrated information relevant to the vulnerability.
metasploitmetasploit-framework
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Joshua Rogers - OSS AI Security Researcher at AISLE™