Ryan Gerstenkorn is a Seattle-based software engineer with a decade of experience building secure, scalable cloud and DevOps tooling, specializing in AWS, Terraform, Go, and Python. He’s led cloud penetration testing at Rhino Security Labs and contributed significant maintenance and feature work to well-known open-source projects like Pacu and CloudGoat, improving AWS exploitation tooling and Terraform compatibility. Prior roles at Brave, SailPoint, Twitch/Curse, and Amazon show deep operational ownership—migrating critical update infrastructure, designing resilient networks, and automating CI/CD at scale. A top 1% HackerOne contributor and active bug bounty hunter, he pairs offensive security insight with pragmatic engineering. He also builds developer-focused automation and release systems, and is launching entrepreneurial projects including an equine marketplace and ongoing freelance work. Outside typical resumes, his GitHub shows playful creativity alongside CloudSec focus, hinting at a personality that blends curiosity with meticulous technical craft.
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
Role in this project:
DevOps Engineer
Contributions:34 reviews, 58 commits, 48 PRs in 1 year 2 months
Contributions summary:Ryan primarily contributed to the project by updating and supporting the deployment tool, CloudGoat, across different Terraform versions. They modified Terraform configuration files to ensure compatibility with Terraform 0.15, including changes to output handling and the `destroy` command. Additionally, the user made improvements to the ECS takeover scenario, simplifying and optimizing the deployment process by removing unnecessary components and adding placement constraints. They also fixed help output and altered the behavior of the 'create' command.
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
Role in this project:
Backend & DevOps Engineer
Contributions:1 release, 84 reviews, 72 commits in 1 year 2 months
Contributions summary:Ryan's primary contributions involved improving the codebase's maintainability and reliability through dependency management, linting, and testing enhancements. They removed unnecessary dependencies, set lower bounds on others, and implemented a GitHub Action for linting and testing. The user also introduced new methods for handling boto3 sessions and configurations, improving the tool's AWS interaction capabilities. Moreover, they added a module for downloading EBS snapshots and fixed multiple issues related to the functionality of the tool.
pythonsecurityamazontestingpenetration-testing
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.