Hi, my name is Brandon Perry.
I specialize in vulnerability research, exploit development (particularly web applications), and secure software development.
I have been a contributor to the Metasploit Framework for many years.
I have a GitHub account (report card).
I also have a blog I write in sporadically on technical things.
Some bugs I have disclosed in the past:
CVE-2005-2103: Buffer overflow in away message in Gaim
Seven FOSS Tricks and Treats
GestioIP Authenticated Remote Command Execution
Sophos Web Appliance Privilege Escalation and Remote Code Execution Vulnerability
Barracuda Load Balancer Authenticated Remote Root
EMC CTA v10.0 Unauthenticated XXE with root permissions
AlienVault v4.50 Authenticated SQL injection arbitrary file read
Lifesize UVC 1.2.6 Authenticated Remote Command Execution
Here are some things of mine that ended up on Exploit-DB
You may also have a look at the ZDI upcoming advisories list to see things that will be released in the future.
I also wrote the offline registry parsing library in Metasploit.
I currently have some applications for sale in the Ubuntu App Store.
I currently have some exploits for sale on ExploitHub:
Orange Themes Wordpress Remote Code Exec
Gitlab Post Auth SSH Key Remote Command Exec
Wordpress wpCleanFix Post-Authenticated Remote Code Exec
AspxCommerce 2.0 Unauthenticated Remote Code Exec
mod_rewrite <v2.2.25 Log Poison Unauthenticated Remote Command Execution
mod_proxy < 2.2.18 and < 2.0.65 Reverse Proxy Intranet Request Execution
I give frequent talks at AHA!
If you are looking for the OpenDiagnostics Live CD, click here.