Skip to main content

Jon Simmons

I build automation tools, scripts, and systems with a focus on reliability, security, and practical engineering outcomes.

Contact MeView Projects

Automation & Scripting

Python, Bash, and Go tooling that eliminates repetitive work

Security-First Thinking

Offensive research and defensive engineering practices

Systems & Tooling

Infrastructure monitoring, CI/CD, and reliable deployments

What I Do

Automation & Scripting

I build tools that turn manual, error-prone workflows into reliable, repeatable processes. If something can be scripted, it should be.

  • Custom CLI tools for internal operations and security workflows
  • Data pipelines and ETL scripts for monitoring and alerting
  • CI/CD integration and deployment automation
Security & Bug Bounty

I approach security from both sides — building systems that are hard to break, and actively testing systems to find what others miss.

  • Web application penetration testing and vulnerability research
  • Bug bounty hunting on HackerOne and Bugcrowd platforms
  • Security-focused code review and threat modeling

Active on TryHackMe and HackTheBox for continuous skill development.

Featured Projects

Ticket Triage Automator

Manual ticket triage consumed hours every week, leading to slow response times and inconsistent categorization across the support team.

Python
Flask
Redis
PostgreSQL
Docker

Saved ~4 hours per week in manual triage effort

View ProjectGitHub
Home Lab Health Dashboard

Managing a growing home lab meant constantly SSH-ing into different machines to check system health, with no unified view of resource usage or alerts.

Python
FastAPI
SQLite
Tailwind CSS
Systemd

Monitors 12 systems with < 1% resource overhead

View ProjectGitHub
Recon Notes System

Bug bounty recon generated scattered notes across text files, browser tabs, and terminal history, making it difficult to track findings across targets.

Go
SQLite
Templ
HTMX
Tailwind CSS

Reduced context-switching overhead by ~60% during active recon

View ProjectGitHub
View all projects

Latest Writeups

CTF
8 min read
HTB Keeper: From Default Credentials to Root

A walkthrough of the HackTheBox Keeper machine covering initial enumeration, exploiting default credentials in Request Tracker, and leveraging a KeePass memory dump for privilege escalation.

Read more
Web Security
6 min read
Broken Access Control: Patterns I Keep Seeing

A breakdown of the most common access control failures encountered during security assessments, from IDOR vulnerabilities to missing function-level authorization checks.

Read more
Automation
7 min read
Automating Bug Bounty Recon with Python

How I built a modular Python pipeline to automate the repetitive parts of bug bounty reconnaissance while keeping the manual analysis where it matters most.

Read more
View all writeups

Interested in working together or discussing a role?

I'm always open to conversations about security engineering, automation, or interesting technical challenges.

Contact MeDownload Resume