Willis Vandevanter

Senior Penetration Tester

New York, New York, United States
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Willis Vandevanter is a Senior Penetration Tester with 14 years of hands-on offensive security experience, currently based in New York and leading assessments at Terra Security. He has a strong research pedigree—authoring SAP vulnerability advisories, presenting at Black Hat and DEF CON, and building exploit tooling—balanced with practical SecDevOps work like Zero Trust, container scanning, and observability. Willis has led and founded consulting practices with high client retention, delivered red team engagements for Fortune 20 customers, and recently focused on AI security at Trail of Bits. An active open-source contributor, he’s enhanced Serpico’s reporting and plugin system and developed XXE embedding tools that reflect deep protocol- and file-format-level expertise. His background combines a joint Math/CS degree from McGill and a master’s in secure software engineering with a rare mix of research, tool development, and operational security delivery.
code14 years of coding experience
job17 years of employment as a software developer
bookMasters, Secure Software Engineering, Masters, Secure Software Engineering at James Madison University
bookBachelor of Science, Joint Degree in Mathematics and Computer Science, Bachelor of Science, Joint Degree in Mathematics and Computer Science at McGill University
github-logo-circle

Github Skills (17)

file-manipulation10
security10
ruby10
exploit10
sinatra10
xml10
reporting-services10
xslt9
file-format9
template-engine9
filetype9
templater9
data-analysis9
plugin-development8
html7

Programming languages (8)

PowerShellJavaC++JavaScriptGoHTMLRubyPython

Github contributions (5)

github-logo-circle
SerpicoProject/Serpico

Feb 2013 - Apr 2020

SimplE RePort wrIting and COllaboration tool
Role in this project:
userFull-stack Developer
Contributions:15 releases, 447 commits, 140 PRs in 7 years 3 months
Contributions summary:Willis primarily focused on enhancing the Serpico project's functionality by implementing new features and refactoring existing code. Their work included adding support for customizable report templates, including CVSS3 and NIST800 templates. The user also addressed bugs related to image insertion and added functionality to add hyperlinks. Furthermore, the user introduced a plugin system, enabling users to extend the project's capabilities through custom plugins.
reportcollaborationcollaboration-tool
BuffaloWill/oxml_xxe

Mar 2015 - Mar 2021

A tool for embedding XXE/XML exploits into different filetypes
Role in this project:
userBack-end Developer & Security Engineer
Contributions:2 reviews, 81 commits, 26 PRs in 6 years 1 month
Contributions summary:Willis primarily worked on a tool for embedding XXE/XML exploits into different file types. Their contributions centered around defining and implementing various XXE payloads within the Ruby code. They developed methods to insert these payloads into different file formats, including PDF, GIF, and images and added string replacement functionalities. Furthermore, the user refactored menus and address issues.
xxeopenvasxmlexploitsembedding
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Willis Vandevanter - Senior Penetration Tester