I am Parsia, I try to do security most days.

2024-Present: Senior Offensive Security Engineer at Microsoft. Ignore my title, I am an application security engineer :).

2022-2024: Sabbatical. Dev contract work for a static analysis tool that automatically generates an OpenAPI spec from the backend source code. Some security research, mainly static analysis and Rust. See Personal Semgrep Server in Rust, semgrep-rs: Rust crate to interact with Semgrep, and some tree-sitter stuff.

2019-2022: Senior Security Engineer at Electronic Arts. I worked on many internal and external product (mostly videogames) and services. Check my Moby Games page for public game credits and a realistic video of me hacking videogames at work.

2013-2019: Associate Consultant to Senior Security Consultant at Synopsys Software Integrity Group via the 2016 Cigital acquisition.

Major Presentations

• DEF CON 26 (2018) Main Track: Tineola Taking a Bite Out of Enterprise Blockchain
  • https://www.youtube.com/watch?v=xKYIde5jh_8
• DEF CON 28 (2020) Appsec Village: localghost: Escaping Browser Sandbox Without 0-Days
  • https://www.youtube.com/watch?v=Cgl51ZcACLg&t=90
• DEF CON 33 (2025) Creator Stages: The Power(Point) Glove
• DEF CON 33 (2025) Bug Bounty Village: The Year of the Bounty Desktop: Bugs from Binaries

Who is Hackerman?

Hackerman is a character from the movie Kung Fury. He is the greatest hacker of all time. He also hacks with a Nintendo Power Glove like me. His cheesy hacking tutorial.

"I trust this man, he has a power glove."

I cannot hack people through time like Hackerman, but I use the Power Glove as a presentation gimmick.

I actually have a working Nintendo Power Glove.

What is This Website?

It is my security research and notes. It doubles as my cheat sheet and knowledge base along with parsiya.io. I look up pages or send links to this website at least a few times every day. It's also part of "my brand" and it's gotten me jobs. You don't wanna be the other guy from Wham!

What does "Don't be The Other Guy from Wham!" Mean?

Wham! was a popular UK music duo. Most people remember one of its members, George Michael. No one remembers the other guy, Andrew Ridgeley. Write a blog, don't be afraid to promote yourself (if you have the time). It's worth it.

LLM Usage

I don't use LLMs to generate text. What use is reading an LLM generated blog when you can create one yourself? Might as well just share the prompt.

I do not use LLMs to rewrite my text. I like my writing style and I do not want to sound like everyone else.

My LLM usage in this context is:

1. Catching spelling and punctuation mistakes.
2. Formatting text (e.g., convert this text into a numbered list).

Tracking

I have no tracking in this website. It's static HTML by Hugo and only a couple of lines of JavaScript. It's hosted on GitHub pages (source) so GitHub might log traffic, but I have no visibility.