Breaking things that need breaking for 20+ years.
GitHub profile intelligence tool. Turns any GitHub username into an instant OSINT report—languages, contributions, starred repos, and community metrics.
Discovered OS command injection in osctrl-admin allowing root/SYSTEM code execution on all enrolling endpoints before osquery installation.
View on NVD →
Created one of VulnHub's most popular CTFs with 90+ community writeups over 10 years.
Built and solved a GraphQL-based CTF exploring API security, introspection attacks, and authorization bypass techniques.
Read writeup →
Latest talk at Xygeni SafeDev on how attackers compromise software supply chains and the growing role of AI in both attack and defense.
Watch talk →
Leading offensive privacy testing at TikTok USDS, driving vulnerability research and security assessments across the platform.
LinkedIn →
Contributed to Evilginx2, a widely used advanced phishing framework with 14,000+ GitHub stars, helping strengthen the community's understanding of credential interception attacks.
GitHub →
Mentored a junior consultant and guided them toward building BruteSpray—a tool now integrated into Kali Linux with 2,000+ GitHub stars. Leading means growing people who ship things that outlast you.
GitHub →
Keynotes, workshops, and private briefings on offensive security, AI risk, and building a career in cybersecurity. 20 talks at RSA Conference, BSides, Forrester Forums, and corporate events.
Book speaking →

AI Consulting
Custom AI applications, workflow automation, and hands-on training. I build with LLMs daily—security tools, productivity systems, and shipping products. Need strategy, training, or someone to build it?
Learn more →

Security
Penetration testing, red teaming, and vulnerability assessments backed by 20 years of offensive security experience. From network infrastructure to web applications to social engineering.
Get in touch →

Leading offensive privacy testing and vulnerability research for TikTok's US Data Security initiative. Co-discovered CVE-2026-28279 and CVE-2026-28280 in osctrl.
Researched AI security threats and developed automated security testing methodologies for AI/ML systems.
12 years of penetration testing, red teaming, and social engineering. Spoke at RSA Conference, Forrester Forums, and Security BSides. Featured in Under the Hoodie reports.
Conducted security assessments for state government agencies across Texas.
Security analysis and research at the Center for Infrastructure Assurance and Security at the University of Texas at San Antonio.
OS Command Injection in osctrl-admin. An authenticated admin injects shell commands via the hostname parameter in the environment configuration. The injected commands are embedded into the enrollment scripts via Go's text/template and execute as root/SYSTEM on every enrolling endpoint before osquery is installed. CWE-78.
Co-discovered with Kwangyun Keum @ TikTok USDS Offensive Privacy Team
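The pattern behind this finding is worth seeing in code: text/template does no escaping, so a configuration value rendered into a shell script is a shell-injection point unless the value is validated first. The following is an added illustration written for this page, not osctrl's own code; the template, the EnrollConfig type, the function names and the sample inputs are all constructed stand-ins for the general case of rendering an admin-supplied hostname into an enrollment script, and the hardened form shows the fix a defender applies: an allow-list check on the hostname before it ever reaches the template.

```go
package main

import (
	"errors"
	"fmt"
	"regexp"
	"strings"
	"text/template"
)

// Constructed stand-in for an enrollment script template (not osctrl's). It
// reproduces only the pattern in the advisory: a configuration value rendered
// into a shell script with text/template, which performs no escaping at all.
const enrollTemplate = `#!/bin/sh
# constructed enrollment stub: the real script would go on to install osquery
OSCTRL_HOST="{{.Hostname}}"
echo "enrolling with ${OSCTRL_HOST}"
`

// EnrollConfig is the hypothetical data passed to the template.
type EnrollConfig struct {
	Hostname string
}

// RenderEnrollScript renders with no validation (the vulnerable pattern):
// whatever was typed into the hostname field lands verbatim in a script that
// endpoints later run with root/SYSTEM privileges.
func RenderEnrollScript(hostname string) (string, error) {
	t := template.Must(template.New("enroll").Parse(enrollTemplate))
	var sb strings.Builder
	if err := t.Execute(&sb, EnrollConfig{Hostname: hostname}); err != nil {
		return "", err
	}
	return sb.String(), nil
}

// ErrInvalidHostname is returned for any value outside the hostname allow-list.
var ErrInvalidHostname = errors.New("hostname must be RFC 1123 labels with an optional :port")

// hostnameRe allow-lists RFC 1123 hostname labels (alphanumerics and hyphens,
// dot-separated) plus an optional numeric port. Quotes, semicolons, whitespace,
// "$(", backticks and newlines all fail this pattern, so none can reach the script.
var hostnameRe = regexp.MustCompile(
	`^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?` +
		`(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*` +
		`(:[0-9]{1,5})?$`)

// ValidateHostname is the check the hardened path applies before templating.
func ValidateHostname(hostname string) error {
	if hostname == "" || len(hostname) > 253 || !hostnameRe.MatchString(hostname) {
		return ErrInvalidHostname
	}
	return nil
}

// RenderEnrollScriptSafe is the hardened form: validate against the allow-list,
// then render. Escaping is not an option here because text/template has no
// shell context to escape for; rejecting bad input is the fix.
func RenderEnrollScriptSafe(hostname string) (string, error) {
	if err := ValidateHostname(hostname); err != nil {
		return "", err
	}
	return RenderEnrollScript(hostname)
}

func main() {
	// Constructed inputs: a legitimate hostname and one carrying shell metacharacters.
	inputs := []string{
		"osctrl.example.internal:8443",
		`osctrl.example.internal"; echo injected; "`,
	}
	for _, h := range inputs {
		unsafe, _ := RenderEnrollScript(h)
		fmt.Printf("unvalidated render of %q:\n%s\n", h, unsafe)
		if _, err := RenderEnrollScriptSafe(h); err != nil {
			fmt.Printf("validated render of %q: rejected (%v)\n\n", h, err)
		} else {
			fmt.Printf("validated render of %q: accepted\n\n", h)
		}
	}
}
```

Running the program shows the unvalidated render carrying the second input's extra commands into the script body, while the validated path rejects it and accepts only the plain hostname. The same allow-list idea applies to any other configuration field that ends up inside a generated script.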
Stored XSS in osctrl-admin on-demand query list. A low-privilege user injects JavaScript via the query parameter. The payload persists and executes in any viewer's browser, including admins'. Chainable with CSRF token extraction for privilege escalation and full platform compromise. CWE-79.
Co-discovered with Kwangyun Keum @ TikTok USDS Offensive Privacy Team
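The stored XSS above is the HTML-context counterpart of the template problem: a saved field rendered into a page without escaping. As an added example for this page (not osctrl's code), the block below renders a constructed list of saved queries two ways with the same template: text/template, which copies the stored name into the HTML verbatim, and html/template, which applies context-aware escaping. The SavedQuery type, the template and the sample records are hypothetical stand-ins.

```go
package main

import (
	"fmt"
	html "html/template"
	"strings"
	text "text/template"
)

// SavedQuery is a constructed stand-in for an on-demand query record; the
// fields are hypothetical and not osctrl's own schema.
type SavedQuery struct {
	Name string
	SQL  string
}

// listTemplate renders the stored queries into the list page viewers load.
const listTemplate = `<ul>
{{range .}}<li><b>{{.Name}}</b>: <code>{{.SQL}}</code></li>
{{end}}</ul>
`

// RenderQueryListUnescaped reproduces the vulnerable pattern: text/template
// writes stored user input into the HTML verbatim, so a payload saved by a
// low-privilege user runs in every viewer's browser, admins included.
func RenderQueryListUnescaped(queries []SavedQuery) (string, error) {
	t := text.Must(text.New("list").Parse(listTemplate))
	var sb strings.Builder
	if err := t.Execute(&sb, queries); err != nil {
		return "", err
	}
	return sb.String(), nil
}

// RenderQueryListEscaped is the hardened form: html/template parses the same
// template text but escapes every interpolated value for its HTML context.
func RenderQueryListEscaped(queries []SavedQuery) (string, error) {
	t := html.Must(html.New("list").Parse(listTemplate))
	var sb strings.Builder
	if err := t.Execute(&sb, queries); err != nil {
		return "", err
	}
	return sb.String(), nil
}

// ContainsRawScriptTag is a small check a test can run on rendered output: a
// literal "<script" surviving into the page is the tell.
func ContainsRawScriptTag(rendered string) bool {
	return strings.Contains(strings.ToLower(rendered), "<script")
}

func main() {
	// Constructed sample: a benign query and one whose name carries a script tag.
	queries := []SavedQuery{
		{Name: "uptime", SQL: "SELECT * FROM uptime;"},
		{Name: "<script>alert(1)</script>", SQL: "SELECT 1;"},
	}
	unsafe, _ := RenderQueryListUnescaped(queries)
	safe, _ := RenderQueryListEscaped(queries)
	fmt.Printf("text/template (script tag survives: %v):\n%s\n", ContainsRawScriptTag(unsafe), unsafe)
	fmt.Printf("html/template (script tag survives: %v):\n%s\n", ContainsRawScriptTag(safe), safe)
}
```

In the escaped output the stored name arrives as `&lt;script&gt;alert(1)&lt;/script&gt;`, which the browser displays as text rather than executing. Switching a Go web handler from text/template to html/template for anything that emits HTML is the usual fix for this class of bug, with output checks like ContainsRawScriptTag kept in tests so a regression is caught.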
20 talks across RSA Conference, Security BSides, Forrester Forums, Rapid7 UNITED, and corporate events spanning 12 years.
Pull requests and code merged into major security projects.
AI-powered tools, local LLM utilities, and developer productivity.
Original security tools for vulnerability discovery, exploitation, and proof-of-concept development.
Tools for penetration testing, red team operations, and security assessments.
Enumeration, credential extraction, and network reconnaissance tools.
Capture the Flag challenges, training labs, and educational resources.
Available for speaking, advisory roles, security consulting, and AI strategy.