Kevin Backhouse

Security Researcher at Semmle

United Kingdom
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Kevin Backhouse is a security researcher at GitHub Security Lab with eight years of focused experience hunting and exploiting vulnerabilities in open source software. With a DPhil in Computer Science and a strong foundation in mathematics, he blends deep program analysis and exploit development—demonstrated by PoCs for libssh2, D-Bus, polkit and several Ubuntu components—with practical hardening contributions to libraries like Exiv2. His background writing QL queries at Semmle and adding fuzz targets to OSS-Fuzz shows expertise across static analysis, fuzzing, and compiler-level reasoning. Prior roles at Oracle, MathWorks and ARM reflect a long history of systems and compiler engineering, informing his ability to find subtle memory and logic flaws. Colleagues rely on him not only to discover issues but to produce tests and fixes that reduce regressions across large codebases.
code8 years of coding experience
job13 years of employment as a software developer
bookDPhil, Computer Science, DPhil, Computer Science at University of Oxford
bookBA, Mathematics, BA, Mathematics at University of Cambridge
languagesDutch
github-logo-circle

Github Skills (28)

debug10
c-language10
image-processing10
audit10
security10
exploit10
code-auditing10
audit-logging10
fuzzing10
cprogramming-language10
auditing10
vulnerability-research10
fuzzer10
fuzz-testing10
audit-trail10

Programming languages (13)

C#JavaC++CHTMLTypeScriptDockerfileShell

Github contributions (5)

github-logo-circle
github/securitylab

Jul 2019 - Feb 2022

Resources related to GitHub Security Lab
Role in this project:
userSecurity Engineer
Contributions:20 reviews, 60 commits, 43 PRs in 2 years 8 months
Contributions summary:Kevin's commits focus on identifying and exploiting security vulnerabilities. Their work includes crafting a proof-of-concept (PoC) for a vulnerability in `libssh2/packet.c`, developing an exploit targeting an Apport PID recycling vulnerability to obtain ASLR offsets, and creating a PoC for D-Bus CVE-2020-12049. Additionally, they've contributed exploits related to Ubuntu and SANE backends (CVE-2020-12861) and polkit. Their contributions demonstrate a focus on vulnerability research and exploit development.
github-security-labsecuritycvevulnerabilitylab
Exiv2/exiv2

Apr 2019 - Jan 2023

Image metadata library and tools
Role in this project:
userBack-end Developer & Security Engineer
Contributions:5 releases, 396 reviews, 659 commits in 3 years 9 months
Contributions summary:Kevin primarily focused on identifying and fixing security vulnerabilities within the Exiv2 image metadata library. The commits reveal that the user was involved in addressing various issues, including buffer overflows, integer overflows, and out-of-bounds reads, specifically targeting image formats like JPEG, PNG, and WebP. The user's contributions included both code fixes and the creation of test cases designed to prevent future regressions. Their work appears to have significantly improved the security and robustness of the library.
exif-metadataexifiptcimage-metadataexif-interface
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial