Become a sponsor to Jonathan Leitschuh
Jonathan Leitschuh
Open-Source Software Security Researcher
I find and report security vulnerabilities in open-source software.
I enjoy giving back to the community through OSS Security Research. It's deeply satisfying to have the opportunity to help and protect users.
The unfortunate reality is that the OSS is underfunded and there's even less invested in security research to find vulnerabilities in these critical components.
By sponsoring my work, you will be sponsoring security research into potentially critical areas of your own software stack, hidden deep within your applications.
My CodeQL driven security research currently primarily focuses on the Java ecosystem with some forays into Python and Javascript. However, my security-research strengths primarily lie in the Java ecosystem.
Notable Security Research
- 🔥 Zoom Zero Day: 4+ Million Webcams & maybe an RCE? Just get them to visit your website!
- 🔥 Want to take over the Java ecosystem? All you need is a MITM!
- 🔥 Leveraging Gradle Plugin wildcard versions for remote code execution
Other Security Disclosures
Less flashy, but were still a lot of fun to find and report!
There's even more than this though! You can find my current vulnerability findings to date in this Google Sheet here.
Other Content
I do a lot of cool stuff. I try to keep my GitHub Stars Profile up-to-date with my latests content.
When you're done here, follow me on Twitter! @JLLeitschuh
Featured work
-
JLLeitschuh/security-research
Public disclosure channel for security vulnerabilities
Python 16 -
WPIRoboticsProjects/GRIP
Program for rapidly developing computer vision applications
Java 381 -
JLLeitschuh/ktlint-gradle
A ktlint gradle plugin
Kotlin 1,491 -
gradle/gradle
Adaptable, fast automation for all
Groovy 17,092 -
wpilibsuite/allwpilib
Official Repository of WPILibJ and WPILibC
C++ 1,093 -
JLLeitschuh/kotlin-guiced
Convenience Kotlin API over the Google Guice DI Library
Kotlin 18