- Background: Anthropic (AI Security), Stanford CS (AI), IDF Unit 8200, Trail of Bits.
- Track Record: 12+ CVEs; found critical vulnerabilities in global infrastructure from industrial control systems and software used by 150M+ people to the backbone of decentralized finance.
- Interests: Vulnerability research, AI, Blockchain.
About Me
Hi, I’m Mav. My computer science passion started rather explosively. When I was 13, I had a lazy afternoon and I decided to build a rocket engine. However, on its first test it prematurely fired and exploded in my face. It burned my nose and eyelashes, which led me to stay home until my face healed. Bored and with no spare rocket engine parts, I decided to branch into computer science (less physically dangerous, hopefully).
I taught myself how to program, then how to break programs, and in high school I (legally) hacked my country’s national grading system. I found (and reported) a vulnerability that let me view and change any student’s grade. After graduating, I served in the IDF’s elite Unit 8200 conducting cybersecurity research for national defense. During this time, I also founded CyberQueens and mentored my community’s local FRC Robotics Team.
I graduated from Stanford University with a B.S. in Computer Science with a concentration in AI. My undergraduate major advisor was Jerry Cain, and I conducted security research under Prof. Dan Boneh and Prof. Dawson Engler. I also founded Stanford ZERO, a research organization dedicated to 0-day discovery.
My professional journey has taken me from auditing blockchain protocols at Trail of Bits and Alchemy to finding 0-days at Calif and Orca Security to building cybersecurity guardrails for LLMs at Anthropic.
In The Media
International Cyber Digest on OpenClaw 1-Click RCE vulnerability
The Hacker News on OpenClaw 1-Click RCE vulnerability
Tl;dr Sec on OpenClaw 1-Click RCE vulnerability
Uncapped with Jack Altman personal call-out on security research and AI
Hackaday on uTorrent Remote DoS vulnerability
Day0 Podcast on D-Link Router Security Mitigation Bypass vulnerability
The Hacker News on uTorrent Remote DoS vulnerability
Ptrace Security Bulletin on uTorrent Remote DoS vulnerability
In Hacker Tools
Metasploit Exploit Module for Serv-U FTP Server vulnerability
Other Awards
2023 CPTC Globals in New York Second Place Team Placement
2022 ETHGlobal San Francisco Hackathon for developing SecrETH, a distributed, trustless, programmable, encrypted key-value store on the Ethereum blockchain.
2022 CPTC Globals in New York First Place Technical Findings Award for finding 3 0-Days in 48 hours
2022 CPTC Globals in New York Second Place Team Placement