Nicholas Starke is a Senior Threat Researcher with 13 years of experience specializing in low-level firmware and OS security, currently evaluating the security posture of HPE Aruba Networking’s product portfolio. He began as an application developer and moved into application and open-source security before focusing on UEFI and BIOS firmware, where he’s discovered high-impact vulnerabilities across major manufacturers. Nicholas combines offensive research—writing kernel and firmware exploits and contributing to projects like Metasploit and the Browser Exploitation Framework—with pragmatic tooling work (contributions to FACT_core), showing fluency in both exploit development and backend systems. Based in Bondurant, Iowa, he brings a rare blend of firmware internals expertise and real-world attack experience, plus a classical education that hints at analytical rigor beyond typical technical backgrounds.
13 years of coding experience
15 years of employment as a software developer
Bachelor's degree Classics and Classical Languages Literatures and Linguistics, Bachelor's degree Classics and Classical Languages Literatures and Linguistics at University of San Diego
Contributions:65 commits, 14 PRs, 120 comments in 6 years
Contributions summary:Nicholas primarily contributed to the Metasploit Framework by developing and improving exploit modules. Their work involved implementing command injection vulnerabilities in various network devices, including D-Link and TP-Link cameras, and Apache Karaf. The user also enhanced existing modules by fixing bugs, improving error handling, and adding features such as saving credentials. They also worked on a Cable Haunt module for denial of service.
Contributions:7 commits, 4 PRs, 11 comments in 16 days
Contributions summary:Nicholas primarily contributed to the backend functionality of the `fact_core` repository. They addressed a bug related to database interactions by adding handling for missing data, specifically in the context of comparisons. The user made changes to the web interface code, making the radare2 host configurable, and refactored string concatenation. They also added configuration code for testing and fixed a bug related to download link templates.
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.