GitHub maintains a fork of Git with a small number of added extensions that perform GitHub related tasks. My project this summer was to work on the extension that scans pushes to public repositories for GitHub OAuth tokens. I assessed the current implementation and analyzed alternative implementations that could scale to future use cases. Given this is a critical path for repository pushes, my project required plenty of research and collection of performance and correctness data. This was my first time using C outside of school, so I made plenty of mistakes, but learned lots in the process. Besides my core project, I also had the opportunity to triage reports which came in through the bug bounty program.
The most memorable moment of the internship was the appsec team mini summit. During the mini summit our team went blacksmithing… because who doesn’t like playing with molten metal?!? It was a blast and my fire poker turned out pretty nice! Plus it was cool too meet my entire team in person instead of over video calls (since the majority of my team is remote).
Scout! He’s always excited about everything!