Hello, my name is Mike, but in the Internet community, I commonly go by the pseudonym True Demon.

I’m a penetration tester and security researcher with roughly 10 years in the IT industry. As a teenager, I spent a lot of time dabbling in malware and participating in CTF contests that stoked my love for hacking, but never thought of making it a career, but here I am.

My Publications

My Projects

  • Raindance - “Automated Reconnaissance gathering tool for Office 365”
  • DeeDee - “Python DDE Exploit generator for .docx files.”
  • RubberCraft - “Rapid Payload generator I made for Rubber ducks and Malduinos”

My CVE’s

Here is where I would put my CVE attributions… If I had any :-(


  • Offensive Security Certified Professional (OSCP)
  • Qualified PCI ASV
  • Certified: Ethical Hacker (Not my proudest)

Projects I follow/contribute to

Blogs & Sites I contribute to

Extended Biography (For people who are interested)

After high school, I committed to 8 years serving in United States Army while I pursued higher education. Jumping between 4 different colleges over the years, I studied IT networking, computer science, video game art design, and ultimately settled on where I started, in information security.

Suffice to say, I’ve tried out a lot of different things, had my fair share of jobs, and broken quite a few computers along my way.

Before being bought out by RSM US LLP, I worked for SecureState as a security consultant. Thankfully, I still get to go to the same office and do the same work I love every day. These days, I have the pleasure of performing penetration testing and malware research on a regular basis. My daily work mostly consists of security consulting, with regular penetration testing engagements to break up the monotany. Between engagements during my free time, I contribute to several open source projects and build tools for my team or dive deeper into code. My favorite topic to study is malware development and reverse engineering, complex as it may be.