Roman Rott's web projects' screenshots preview

DigitalOcean is a cloud provider focused on simplifying web infrastructure for startups and individual software developers.
I really recommend using DigitalOcean (use my referral link to get $10 in credit) as they offer extremely low-cost Cloud hosting servers, which means that you can pay $5/month to have your own virtual server to host almost anything on it.
Here is the list of websites I was working on and served with DO:

IraRott.com - online store of knit and crochet patterns

Ira Rott is a Knit & Crochet Designer living in Southern Ontario, Canada. This website is her online shopping cart for selling digital material (pdf files with patterns).

There are hundreds of paid and dozens of free PDF patterns on the site that can be downloaded and used by masters around the world. Additionally, it has Ira's portfolio and integration with the Etsy system.

The website is a kind of CMS in which almost everything is customizable from the admin page, from adding new patterns, portfolios, standalone pages and categories to changing all SEO-related parameters of the website.

Role:
Full-Stack developer. Remote developer
Responsibilities:
Creating back-end, front-end and admin page; design; SEO optimisation; configuring and optimising web and SQL servers; site migration; supporting current features and monitoring the website's state.
Languages:
Ruby 2.1, JavaScript, CoffeeScript
Frameworks/Libs:
Padrino, jQuery
Other technologies:
SASS, Haml, ActiveRecord, CarrierWave, Poltergeist, Selenium, JSON, New Relic, Sprockets, Nginx, PostgreSQL, Capistrano
Status:
Online

rrott.com - current website-portfolio

My own website with a blog and portfolio. The website includes basic information about me, my projects, my contact information and blog posts related to web development and security research.

Role:
Full-Stack developer. Security researcher
Responsibilities:
Creating back-end, front-end, design, SEO-optimization, performance optimization, configuring web server.
Languages:
Ruby 2.2, CoffeeScript
Frameworks/Libs:
Middleman - static site generator. This is a jQuery-less website
Other technologies:
HTML5, Haml, Pure, Nginx, HTTP/2, WebP
Status:
Online
Website: rrott.com
Portfolio: /portfolio
Blog: /blog

Shlyapa-Pay.info - payment system for CTF games

«Shlyapa-Pay» is a fake payment system created for a CTF (Capture The Flag hacking game) held by «Berezha Security».

This payment system has its own website, a blog, and integration with ActiveMerchant as a fake payment processor. It behaves almost the same way as common payment systems like PayPal or WebMoney, allowing users to send money to and receive money from each other. The project has its own shopping cart and a kind of social network, created with several pre-defined vulnerabilities in mind.

«Shlyapa-Pay» was used in a game held during the International forum «Cybersecurity: Ukraine and the world» and then, after fixing all the vulnerabilities and adding new ones, was part of a game at the Cybersecurity Olympiad «HackIT-2015».

Role:
Full-Stack developer, Game-Master's assistant during 2 CTF games.
Responsibilities:
Creating back-end, front-end; integrating free design, admin page; protecting the application from all possible security issues except pre-defined ones. Creating an ActiveMerchant payment processor that can be integrated into a shopping cart. Configuring and optimising web and SQL servers; monitoring services and applications during the games.
Languages:
Ruby 2.2, JavaScript
Frameworks/Libs:
Padrino, jQuery, Bootstrap
Other technologies:
SASS, Haml, ActiveRecord, ActiveMerchant, Devise, Upmin, Faker
Status:
«Shlyapa-Pay» is offline now due to the nature of applications created for CTF games.

MyBestDate.xyz - dating website for a CTF game

«MyBestDate» is a fake dating website created for a CTF (Capture The Flag security game) organised for UISGCon 11 (2015), a Ukrainian InfoSec conference held by the Non-Government Organisation «Ukrainian Information Security Group».

This dating website had no real users or profiles and was created with several pre-defined vulnerabilities that allowed researchers to get flags and proceed with the next part of the hacking game. It has integrated chat and rating systems to allow gamers to use their skills on a system close to real ones.

Role:
Full-Stack developer, second Game-Master
Responsibilities:
Creating back-end, front-end; integrating free design, admin page; protecting the application from all possible security issues, except pre-defined ones; configuring and optimising web and SQL servers; monitoring services and applications during the games.
Languages:
Ruby 2.2, JavaScript
Frameworks/Libs:
Ruby on Rails 4.2, jQuery, Bootstrap
Other technologies:
SASS, Haml, PostgreSQL, Faker, CarrierWave, Devise, Administrate
Status:
«MyBestDate» is offline now due to the nature of applications created for CTF hacking games.

SecureVPN.xyz - VPN service for CTF games

«SecureVPN» is a service created for the Cybersecurity Olympiad «HackIT-2015» with deep integration of the «ShlyapaPay» payment service that allowed users to get a paid VPN server and connect to any other server in the network.

The service was based on an open-source project with hooks for OpenVPN that I had to rewrite for the game's needs. The whole infrastructure had 2 VPN servers located in Amsterdam and Singapore, a billing system located in Toronto and a payment system in Singapore. The back-end was rewritten to add flags and integrate the product with 3rd party payment systems.

Role:
Full-Stack developer, Game-Master's assistant.
Responsibilities:
Adding and configuring VPN, SQL and web servers using Chef. Integrating the fake payment system with the services, adding vulnerabilities and fixing existing ones.
Languages:
Ruby 2.1
Frameworks/Libs:
Ruby on Rails 4.2
Other technologies:
Chef
Status:
«SecureVPN» is offline now due to the nature of applications created for CTF games.

FindMeGetMe.xyz - fake dating service

«FindMeGetMe» is a fake dating website with an API for a mobile application, created for a CTF (Capture The Flag hacking game) organised for UISGCon 11 (2015), a Ukrainian InfoSec conference held by the Non-Government Organisation «Ukrainian Information Security Group».

This fake dating website was created for security researchers and had no real users or profiles. It was created with pre-defined vulnerabilities related to Redis and Sockets. I used a free design and added a vulnerable Rack application that gets photos from the Redis service using Sockets technology.

Role:
Full-Stack developer, second Game-Master
Responsibilities:
Creating back-end; integrating free design; configuring and optimising web and Redis servers; monitoring services and the application during the games. Creating an API for a mobile app.
Languages:
Ruby 2.2
Frameworks/Libs:
Sinatra
Other technologies:
Redis
Status:
«FindMeGetMe» is offline now due to the nature of applications created for CTF hacking games.