Hello, my name is Roman Rott!
I'm a Ukrainian front-end/back-end developer with 15 years of IT experience and 8 years of experience dedicated to web development and security audit of web applications. I specialize in developing secure and optimised apps as well as in testing websites for security vulnerabilities.
Ruby is my favorite when it comes to following TDD and OOP best practices, while EcmaScript is the best one for front-end.
I do enjoy building everything from small OSS apps and libs, landing pages, business sites to rich interactive web apps, single page applications, etc.
I'm working remotely on web projects for clients all over the world and from time to time I take part in bug-bounty programs.
Over 9 years I worked in various positions and in different departments at a big Cloud and Shared Hosting company, Ecommerce.com. 6 of them were in the Tech Support (Customer Relation) department and 4 in IT as a Ruby/Rails developer. There I grew as a web developer, as a manager, and as a person.
For the last 5-6 years I was working for different consulting and product companies, where I gained extended experience in React, Redux and ES6.
I also design and develop vulnerable applications for CTF hacking games that give an opportunity for security researchers to practice their skills. Below is a portfolio that contains a list of such apps and web services.
All of these sites and services were developed using Ruby, CoffeeScript, JS, ES6, React, Redux, Backbone, Sinatra, Padrino and RoR frameworks. Some of them handle large amounts of traffic on a daily basis.
My Full-Stack web developer portfolio is a brief summary of the project samples that I've accomplished during the last years.
Cyber Security Enthusiast
I enjoy testing websites for security vulnerabilities (both white-box and black-box) independently or on platforms like BugCrowd and HackerOne. I held several internal Web Application Security Assessments for the products I've been working on as a developer, preparing reports and/or fixing found bugs and issues. My interest in Ethical Hacking has resulted in dozens and dozens of found and reported security issues in such services as: rubygems.org, ZeroMail, tagged.com, etc.
Recently I had an opportunity to take part in a CTF (Capture The Flag) security game as one of the Game Masters at the very first NoNameCon conference — I've created an admin interface for it and was monitoring and maintaining it during the game.
I also used to design, deploy and support vulnerable web and mobile applications for CTF hacking games organized or supported by the «Berezha Security Group» for: