whoami
I'm Kamdin Bembry, a student at Rochester Institute of Technology. I specialize in vulnerability research and security engineering.
About Me
I'm interested in understanding core systems functionality and leveraging that for exploitation. My research focuses on:
- Compiler Security: LLVM codegen, optimization mechanisms, and MCA
- Browser Exploitation: V8 JS engine resear ch and exploitation
- Kernel & OS Security: Custom operating systems for fuzzing
- Microarchitecture: cache optimization and branch predictors
- Penetration Testing: Security assessments and hacking
Education
- Rochester Institute of Technology (RIT)
- Independent Study Focused on Computing Security Research
- Expected Graduation: May 2028
- GPA: 3.61 | Dean's List (Fall 2024, Spring 2025)
- Member of RITSEC (Cybersecurity Club)
- RIT Archery
Work Experience
- Penetration Testing Intern @ Coalfire (May 2025 – Aug 2025)
- Performed real-world cyberattacks to uncover security flaws
- Assisted in ethical hacking engagements, vulnerability exploitation, and reporting
- Contributed to securing networks and applications against advanced persistent threats
Research & Projects
- AI Integrated IDE Security Assessment (June 2025 – Aug 2025)
- Conducted comprehensive security assessment of AI-integrated IDEs
- Discovered vulnerabilities including arbitrary file exfiltration, file system embedding, and dozens of successful prompt injection attempts
- Pwn College V8 Quarterly Quiz (Feb 2025 – June 2025)
- Completed pwn.college V8 Quarterly Quiz (Username: ziarashid)
- Learned V8 internals, compiler architecture, and exploitation techniques
- Compiler & Browser Research (Nov 2024 – Present)
- Implemented custom programming language with LLVM backend
- Studied LLVM IR creation and optimization mechanisms
- Experimented with JavaScript's V8 engine for exploitation research
- Kernel and OS for Fuzzing & Vulnerability Research (Aug 2024 – Dec 2024)
- Built minimalistic operating system and custom kernel for fuzz testing with LibAFL's QEMU mode
- Focused on hypervisor security and guest-to-host escape detection
CTF Competitions
Member of Squid Proxy Lovers and [:](SLICES)
| Year | Competition | Team | Rank |
|---|---|---|---|
| 2025 | Google CTF | Squid Proxy Lovers | 3rd Place |
| 2025 | DEF CON Finals | SuperDiceCode | 3rd Place |
| 2025 | DEFCON Quals | Squid Proxy Lovers | 10th Place |
Skills
- Programming Languages: C++, C, LLVM, JavaScript, Go, Python, Assembly, SQL
- Tools & Technologies: LLVM, V8, Turbolizer, IDA, LibAFL, pwntools, BurpSuite, pwndbg
- Security Research: Vulnerability research, penetration testing, reverse engineering, fuzzing
- Compiler Security: LLVM optimizations, instruction selection, Machine Code Analysis
- Browser Exploitation: V8 engine internals, sandbox bypass techniques, JavaScript exploitation
Personal Interests
In my free time I enjoy learning Japanese & Korean, backpacking the world, snowboarding, wrestling & Brazilian Jiu-Jitsu, hacky sacking, archery, spirited driving, and reading novels.
Contact & Links
- Email: kamdinomaribembry@gmail.com
- GitHub: https://github.com/Zia-Rashid
- Twitter: @Zia__Rashid
- LinkedIn: linkedin.com/in/kamdin-bembry
- Resume: Download Resume (PDF)
This website showcases my research, projects, and experiences. Feel free to contact me on discord @ziarashid.