tooryx

Security Engineer at Google

Zurich, Zurich, Switzerland
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
Security Engineer with 11 years of experience based in Zurich, Switzerland, focused on building and hardening backend systems for network security tooling. An active open-source contributor to Google's well-regarded Tsunami security scanner, they’ve improved core engine extensibility, added dynamic plugin support, and tightened test reliability by fixing race conditions and enhancing SSL and HTTP handling. Comfortable working at the intersection of development and security, they translate deep technical issues—like accurate web service detection and plugin execution timing—into practical improvements that increase scanner accuracy and observability. Known for pragmatic engineering that balances feature delivery with secure, auditable behavior, they bring a steady track record of advancing complex security scanners used in real-world assessments.
code11 years of coding experience
github-logo-circle

Github Skills (13)

plugin-development10
javas10
network-security10
security-scan10
java10
protocol-buffers10
jtest9
tls139
junit9
ssl9
tls129
http-client9
concurrency8

Programming languages (4)

DockerfileJavaGoPython

Github contributions (5)

github-logo-circle
Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.
Role in this project:
userBack-end Developer & Security Engineer
Contributions:4 releases, 3 reviews, 3 PRs in 1 year 4 months
Contributions summary:tooryx primarily contributed to enhancing the core functionality and security of the Tsunami security scanner. They addressed race conditions in the `HttpClientModule` tests and added features related to SSL version support and HTTP method tracking within the network service proto. Moreover, the user refined the logic for determining if a service is a web service and modified the scanning workflow to correctly reflect host status. They also added a feature to log the execution time of the plugins and extended the core engine of Tsunami to support dynamic plugins.
plugin-systemsecurity-scanneradobe-experience-managersecurity-toolsvulnerabilities
google/security-testbeds

Nov 2023 - Dec 2024

Contributions:15 reviews, 2 PRs, 1 push in 1 year
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
tooryx - Security Engineer at Google