About GulfTech

GulfTech Research and Development was created in early 2002 after I moved to the Mississippi Gulf Coast in order to be closer to family, who were inevitably growing older. Frustrated with the lack of I.T. Security related research in the Mississippi Gulf Coast area, I decided to create GulfTech as both a means to pay the bills, as well as an outlet for my independent security research. Over the years I have discovered hundreds of bugs in various software titles under both my real name, as well as my old "screen name" JeiAr. In addition to my public research, I have also been fortunate enough to have the opportunity to work professionally with many talented names in web application software such as vBulletin, Kayako, IP.Board, Interspire, MyBB, CubeCart, Iono, Gallery 2, and many more.


About James

I first became interested in I.T. security after working as a web developer in the late 90's. Since then I have had experience in most aspects of I.T. Security, but overall I prefer working with web applications in regards to both a security and development. Web applications are so much more interesting today than they were 10 years ago. Simple procedural code, and compiled CGI binaries have since become replaced with elegant OOP frameworks, and MVC based applications. As a result web application security keeps getting more interesting as time goes on, and as these applications become increasingly complex, they become exponentially interesting from a security point of view. In addition to I.T. security, I am very interested in general knowledge, mathematics, science, history, writing, and music. I have been playing guitar off and on for about 25 years, and have a small but effective home studio that consists of ProTools, AT2020, Axiom 49, and many stringed instruments. Currently I am working on a project called "Cold Barrel Shot", and have several rough demos available from the upcoming album hosted at reverbnation.





Over the years I have been fortunate enough to have my work referenced in one way or another in many different places. Below is a collection of these links that I have collected with the help of others. If you know of something that you think should be on this list but isn't, please contact me.


The Art of Security Software Assessment

BOINC: Project credits

PHP Web Application Security: A Zero-Day Exploit Case Study

PHP Blogging Apps Vulnerable to XML-RPC Exploits

Yet More Security Vulnerabilities Found In Pligg V9.9.0

Fixes for ReviewPost, PhotoPost

Hackers Targeting Mambo Security Holes

Google hacking for penetration testers

Top-10 Vulnerability Discoverers of All Time

Top vulnerability researcher?

Five common Web application vulnerabilities

Tips That Every PHP Developer Should NOT Know

The Google Hackers Guide v1.0

Looking at picture installs spyware and virusess

PHP Apps: A Growing Target for Hackers