Education · Cybersecurity Curriculum · Hardware-Intensive
Virtus Cyber Academy
Practitioner-built, laboratory-intensive courses in embedded systems reverse engineering, offensive security, and applied cybersecurity.
The education arm of Virtus Cybersecurity, LLC — a tiered curriculum pipeline running from entry-level digital foundations (VCA-FND-101) through hardware and networks (VCA-HW-101, VCA-NET-101), security and reverse-engineering introductions (VCA-SEC-101), and on to a flagship reverse-engineering of embedded systems capstone (VCA-RE-101) and adversarial-track electives. Every course is taught on industry-standard tools, capstoned on real commercial targets, and graded on artifacts that look like professional deliverables.
The hardware: students build on a Tang Primer 25K FPGA and lab toolkit — not slideware, not cloud sandboxes. Curriculum is aligned to industry certification ladders (CompTIA, Cisco, ISC2, OffSec, Python Institute) so a graduate has both the bench experience and the credential evidence to be hired for it.
What this demonstrates: designing and operating a real technical training pipeline — competency-focused, anti-marketing, hands-on from day one. If you need a partner who can think clearly about technical training programs, build them, and run them, this is what that looks like.
Mobile · RF Awareness · Personal Security · Open Source
MyGLE
Know your neighborhood’s RF. Keep your family safer.
MyGLE is a community-built Android app that turns a phone into a local RF sensor — Wi-Fi, Bluetooth, cellular, GNSS, and Drone RemoteID — and ships the observations to your own TLS-encrypted MQTT broker. It’s a fork of the excellent WiGLE WiFi Wardriving app with a destination publisher added; collections also keep contributing to the upstream open dataset. mygle.net hosts the build guide, app.mygle.net is the cross-device fleet view, and the public REST API at api.mygle.net exposes observations, zones, GNSS satellite visibility, device alerts, and admin ops.
What’s shipping now: a formal plugin system (manifest v1, JSON-schema validated) with the first two plugins live — inferred_location (4-API fusion across BeaconDB, Google, Apple, WiGLE) and traveler-assistant-driving (daily narrative reports with venue research). Fleets with per-fleet invite codephrases for families and small teams. Family morning briefings that pull travel advisories (State Dept, FCDO, GAC), humanitarian reports (ReliefWeb), and seismic alerts (EMSC). Multi-layer resilience for spotty connections — MQTT, HTTPS bundle fallback, and a DNS chunk firehose — with on-device backlog budgets up to 1 GB. Cell-tower enrichment with MCC/MNC parsing and eNB ID extraction. MapLibre has fully replaced the proprietary maps SDK.
The philosophy: opt-in to every destination. Nothing leaves the phone unless you explicitly enable it and supply the address. A Tier 2 account option keeps you email-less with Ed25519 device authentication and hardware-backed Keystore identity. The whole build runs inside a container — no Android SDK install required on your machine. BSD 3-Clause. Targeting a clean F-Droid listing with zero anti-features for independent verification and privacy-respecting distribution.
What this demonstrates: personal security is more than door locks and passwords — the air around a home carries signals that tell a story, and most people have no way to see them. Building a tool that lets families, journalists, activists, and domestic-abuse survivors answer that question with their own data, on their own terms, is the exact discipline I bring to any client who wants auditable, transparent software instead of someone else’s black box.
SaaS · Service Management · Enterprise
StatusBay
Service management for SMBs — enterprise features without the enterprise price tag or complexity.
StatusBay is designed to compete with ServiceNow ($50K+/year) and Freshservice by delivering request tracking, approval workflows, stakeholder management, and role-based dashboards at $99–$599/month. The platform supports self-hosted deployment for full data sovereignty, includes a complete data migration toolset for switching from existing tools, and features JWT authentication with role-based access control.
Key capabilities: Multi-step approval chains with audit trails, SLA timers, mileage tracking with reimbursement workflows, knowledge base, and a roadmap including e-signatures (via SealSignature integration), field service dispatch, invoicing, AI assistant, and advanced analytics.
What this demonstrates: I can architect a multi-tenant SaaS product competing against enterprise incumbents, with tiered pricing strategy, self-hosted deployment, migration tooling, and security-by-default design. If I can build a service management platform from scratch, I can help you pick and set up the right one for your business.
SaaS · Security · Compliance
SealSignature
Certificate-based digital signing infrastructure with an exceptional user experience.
SealSignature addresses a clear market gap: no e-signature platform offered certificate-based digital signatures (PAdES, RFC 3161, AATL-trusted) through a developer-friendly, per-packet-priced model accessible to both humans and AI agents.
Technical architecture: FastAPI backend, React frontend, PKCS#11/HSM key management, PostgreSQL credits ledger, AWS S3/SES, GlobalSign AATL certificate authority integration. Self-hosted on a 3-node infrastructure with custom DNS (ns1/ns2.jumson.dev).
What this demonstrates: Security, compliance, and cryptography are not abstract topics for me — I build production systems that handle them. This is the same depth of understanding I bring when securing your business.
Cybersecurity · Pentesting · Client Portal
Virtus Cybersecurity
A professional penetration testing practice with a self-hosted client portal — because a security firm’s own platform should demonstrate the competence it sells.
Virtus Cybersecurity is my freelance pentesting practice, offering network penetration testing, web application vulnerability assessment, and OSINT investigations. The platform replaces a legacy brochure site with a three-enclave architecture: a public marketing site, a secure client portal behind ZeroTier mesh VPN, and research infrastructure — each on a separate server with distinct security boundaries.
Client portal: Go backend (chi v5, pgx v5, sqlc), SvelteKit frontend, PostgreSQL with row-level security for client data isolation, magic link authentication with optional email 2FA, and SealSignature API integration for Rules of Engagement signing. The portal backend runs on an internal server that is physically unreachable from the public internet.
What this demonstrates: I don’t just advise on security — I hold the OSCP, work with Synack Red Team, and build production systems with security-by-default architecture. If I can design a platform where a compromise of the public site cannot reach client pentest data, I can help you think through your own security posture.
Product Design · Accessibility · EdTech
CyberSeals
Terminal-based typing trainer built around the thesis that sustained attention is a trainable skill.
CyberSeals reimagines typing practice as attention therapy. Rendered as a CRT terminal interface with five selectable themes (Amber, Green, Battleship, Paper, High Contrast), four font options including OpenDyslexic for accessibility, and a full audio system with music player, ambient sounds, and noise generator.
Training content spans three domains: Tech/CLI (Linux commands, git, docker, npm), Catechism (Westminster Shorter, Heidelberg, Baptist Children's), and SAT Prep (vocabulary, mnemonics).
What this demonstrates: Product vision that synthesizes academic research into a differentiated consumer product, with sophisticated front-end engineering, theming architecture, audio integration, and genuine accessibility features.
Full Stack · Algorithms · Community
Edenrok
A Bible reading plan platform with adaptive scheduling, group features, and email-first interaction design.
Edenrok offers 10 reading plans across three categories with an adaptive scheduling algorithm that automatically redistributes readings when users fall behind. The email-first model means users receive daily reading emails and can reply to mark progress or journal thoughts — building a personal commentary over time.
Social features include: Reading groups with biblical invite codes, shared progress feeds, privacy-controlled journal sharing, and digest emails. Plans export as PDFs to tuck inside a physical Bible.
What this demonstrates: Full-stack product development including scheduling algorithms, email-based interaction systems, group management, PDF generation, and calendar feed integration. Real users, real workflows, real product design.
Content · SEO · Affiliate
Tacticol
A content-driven Amazon affiliate site covering tactical gear, firearms, optics, and hunting equipment.
Tacticol is an active, revenue-generating content site with 135+ in-depth articles spanning riflescopes, binoculars, rangefinders, spotting scopes, weapon lights, shot timers, trail cameras, GPS watches, and survival gear. Content includes detailed product reviews, head-to-head comparisons, buying guides, and FAQs — all monetized through Amazon Associates.
What this demonstrates: Content strategy at scale, SEO execution, editorial voice development, and affiliate business model execution. If your business needs an online presence that actually drives customers, I understand what that takes from the ground up.
E-Commerce · Maps · Merchandise
PrintMySpot
Custom map art of any location. 17+ color themes, 7 frame styles, any US address.
PrintMySpot lets customers create custom framed map prints of meaningful locations — homes, wedding venues, vacation spots. A full e-commerce workflow from design customization through checkout and fulfillment.
What this demonstrates: E-commerce product development, interactive design tools, print fulfillment integration, and consumer-facing UX.
