About Me
I'm a software developer with a passion for building secure, enterprise-level applications. My experience spans from digital security systems to full-stack web development, with a focus on creating solutions that are both technically robust and user-friendly.
I enjoy tackling complex problems, especially those involving security, compliance, and scalable architecture. My goal is always to deliver software that not only meets requirements but exceeds expectations in terms of performance and reliability.
Featured Projects
Digital Stamp System for Professional Associations
STIBC System (Launched September 2022)
ATIO System (Launched November 2025)
The Challenge
Professional translator associations needed a secure, legally-compliant way for certified members to digitally authenticate their translated documents. Traditional paper stamps were inefficient, and existing digital solutions didn't meet the specific regulatory and security requirements of professional certification bodies.
The Solution
I designed and built a comprehensive digital certification platform featuring secure document signing, real-time verification, and full compliance with X.509 and PDF-A standards. The system handles everything from member onboarding to document stamping to public verification.
Technical Implementation
Backend Architecture
- .NET Core web application
- Entity Framework with MySQL
- Docker containerization
- SSL/TLS certificate management
Security & Compliance
- X.509 PDF-A encryption with SHA-256 digest
- RSA encryption and digital signatures
- Client-side document processing (privacy)
- Tamper detection and validation
- PKI certificate authority setup
Infrastructure
- AWS EC2 deployment
- Docker Compose orchestration
- Automated backup systems
- Usage analytics and monitoring
Features
- Multi-format document conversion
- Automated declaration generation and document merging
- Interactive stamp placement (all pages or first page only)
- Real-time signature verification
- Language combination validation
- Public verification portal
Platform Evolution: ATIO Enhancements (2025)
Building on the success of STIBC, the ATIO deployment introduced several architectural improvements and new features:
Enhanced Security Architecture
Implemented client-side encryption using AES-256 with Argon2id key derivation before cloud storage. Built a zero-knowledge architecture where encryption keys are never transmitted to servers, ensuring even the cloud provider cannot access documents. Documents can only be decrypted using the QR code or verification code printed on the document itself, which are never stored on servers.
QR Code Verification System
- 18-character verification codes generated for each stamped document
- Dual verification methods: PDF upload or verification code entry
- QR codes displayed on verification page for easy document retrieval
Client-Side Processing
- WebAssembly-based image-to-PDF conversion running locally in browser
- Eliminates third-party dependencies for image files (JPG, PNG)
- Faster processing and enhanced privacy for sensitive documents
Streamlined User Experience
- Stateless guest architecture with no login required
- Custom signature upload and management
- Simplified interface optimized for translator workflows
Results & Impact
- Successfully deployed for STIBC (Society of Translators and Interpreters of British Columbia) in September 2022, with ATIO (Association of Translators and Interpreters of Ontario) launched November 2025
- Active production system currently processing 75+ documents daily for certified translators
- Streamlined certification process for hundreds of professional translators
- Eliminated paper-based workflows while maintaining legal compliance
- Provided real-time verification for document authenticity
- Built scalable infrastructure supporting multiple organizations
MovingPapa.com - Corporate Website
Complete front-end website development for a multi-million dollar moving company, built from professional Figma designs with modern web technologies and marketing integrations.
The Challenge
Moving Papa needed a professional, responsive website that could handle complex service area routing, integrate with marketing analytics, and provide an excellent user experience across all devices.
The Solution
Built a comprehensive front-end solution using modern web technologies, implementing pixel-perfect designs with interactive components and robust tracking systems.
Technical Implementation
Frontend Technologies
- HTML5 & CSS3
- JavaScript & jQuery
- Bootstrap framework
- Responsive design
UI Components
- Interactive carousels
- Modern animations
- Mobile-optimized layouts
- Custom styling
Analytics & Marketing
- Google Analytics integration
- Facebook Pixel tracking
- SEO optimization
- Conversion tracking
Advanced Features
- Complex URL routing
- Multi-region support
- Performance optimization
- Cross-browser compatibility
Results & Impact
- Professional execution of Figma designs into fully functional website
- Responsive design working seamlessly across desktop, tablet, and mobile
- Marketing ready with comprehensive analytics and tracking implementation
- Scalable architecture supporting multiple service areas across Canada
- Built and deployed complete website in 3 weeks
DateFormatGenerator.com - Developer Utility
A reverse-engineering date format tool where developers enter their desired date output (like "Mon, June 23, 2025") and instantly get the corresponding format strings needed to produce that result in C#, JavaScript, Java, PHP, Python, Ruby, Swift, C++, and MySQL. Built with C# and transpiled to JavaScript.
The Challenge
Developers working across multiple programming languages struggle with creating the right date formatting syntax to achieve their desired output. They know what they want their dates to look like, but need to figure out the correct format strings for each language.
The Solution
Built a reverse-engineering tool that analyzes example date outputs and generates the correct format strings needed to produce that result in 9 major programming languages, with intelligent validation to catch ambiguous patterns.
Technical Implementation
Core Technology
- C# application logic
- JavaScript transpilation
- Static site deployment
- Client-side processing
Language Support
- C# & .NET DateTime
- JavaScript (Luxon)
- Java SimpleDateFormat
- PHP, Python, Ruby, Swift
- C++ & MySQL formats
SEO & Performance
- Fast static site delivery
- Mobile-responsive design
- User-friendly interface
- Lightweight implementation
User Experience
- Real-time format preview
- Intelligent ambiguity detection
- Pattern validation
- Cross-browser compatibility
Results & Impact
- High organic traffic with 9.1K clicks annually from Google search
- Exceptional user engagement with 16.3% click-through rate
- #1 Google ranking for "get format from date online" and other targeted developer queries
- Real developer adoption with consistent monthly usage by software developers
- Cross-platform utility supporting 9 major programming languages
Open Source Security Research
Discovered and patched critical security vulnerabilities in widely-used open source PDF library, protecting millions of downloads from cryptographic weaknesses and XML injection attacks.
Vulnerability Discoveries
🔒 XXE Vulnerability Patch (CVE-2017-9096)
Background: CVE-2017-9096 affects iText before 5.5.12 and 7.x before 7.0.3. The iTextSharp.LGPLv2.Core fork (based on iTextSharp 4.1.6, equivalent to iText 2.1.7) inherited this vulnerability from the older codebase.
Issue: XML parsers did not disable external entities, allowing remote attackers to conduct XML External Entity (XXE) attacks via crafted PDFs. This enables arbitrary file reading, SSRF attacks, and denial of service (CVSS 8.8 HIGH).
Fix: Identified the inherited vulnerability in the fork and patched it by configuring XmlReader with secure settings (DtdProcessing.Prohibit, XmlResolver = null) to disable external entity processing.
Impact: Protected 16.2M+ downloads from server-side exploitation when processing untrusted PDFs.
View PR #233 →🔐 Cryptographic Weakness in IV Generation
Issue: IvGenerator class used predictable pseudo-random number generator seeded with DateTime.Now.Ticks for encryption initialization vectors (IVs). Attackers knowing approximate PDF creation time could predict IVs and decrypt content.
Fix: Replaced RC4-based PRNG with .NET's cryptographically secure RandomNumberGenerator, ensuring truly random, unpredictable IVs and preventing chosen plaintext attacks.
Impact: Secured PDF encryption for 16.2M+ downloads.
View PR #234 →Results & Recognition
- Both PRs merged within 3 hours by project maintainer
- Comprehensive documentation explaining vulnerabilities, security impact, and technical implementation
- Responsible disclosure to upstream iText project for coordinated patching
- Zero breaking changes - security improvements with backward compatibility
- Proactive security mindset - discovered through independent code review
Other Experience
Additional development work includes system maintenance and enhancements for Lynch Bus Lines transportation software, plus successful entrepreneurial experience with an e-commerce business achieving $150k in sales.
Technical Skills
Backend Development
Security & Compliance
DevOps & Cloud
Frontend & Tools
Get In Touch
Interested in working together? I'm always open to discussing new projects and opportunities.