Cole Banman
Web Engineer
EDUCATION
Northeastern University
Computer Science & Business Administration
2025 — 2029
ACHIEVEMENTS
- Built Flow Monitors: real-time inventory tracking system serving 25,000+ users with zero investment
- Hacked Vercel's AI SDK, reported a critical security granting unrestricted access to every AI model; earned a four-figure bug bounty
- Discovered API vulnerability on JD Sports mobile app that prompted entire platform redesign
- 6-figures in revenue from sneaker reselling and automation
- Built a complete sneaker bot suite for entering Nike draws; bypassed 3+ anti-bot systems; open-sourced
FEATURED PROJECTS
Flow Monitors
Automation platform for retail arbitrage with 25,000+ peak users. Built and sold software generating $3.5K/month revenue through reverse engineering of major platforms and bypassing enterprise anti-bot systems including Kasada, Akamai, and Shape (F5).
TypeScript · Supabase · Proxy Management · Reverse Engineering · Anti-Bot Bypass
ReverserWork in Progress
AI-powered vulnerability scanner combining autonomous agents with browser automation. Uses Chrome DevTools Protocol and network traffic analysis to discover security issues in web applications. Features Chrome Extension integration with Native Messaging bridge for real-time session inspection.
Vercel AI SDK · Chrome DevTools Protocol · WebSocket · Express · Zod · Security Research
Grabbit CLIWork in Progress
AI-driven browser automation workflow builder using Chrome DevTools Protocol. Agent explores web applications, captures network traffic, and generates deterministic request-only workflows that can be replayed programmatically. Features terminal UI for task management and workflow execution.
Vercel AI SDK · Chrome DevTools Protocol · blessed (TUI) · Workflow Automation
Grabbit ExtensionWork in Progress
Chrome extension that reverse-engineers API requests from highlighted webpage data. Features fuzzy matching to locate data across different formats, stealth Fetch/XHR interception, deep JSON traversal, and automatic generation of cURL commands and OpenAPI 3.0 schemas.
Chrome Extension (MV3) · OpenAPI · Fuzzy Matching · Network Analysis
ScrambleBench
Benchmarking suite for evaluating AI model performance on deobfuscating JavaScript code. Tests LLM capabilities against various code obfuscation techniques to measure comprehension and analysis accuracy.
Vercel AI SDK · Google AI SDK · Benchmarking · Code Analysis
NXTAntibot
Proof-of-concept anti-bot system using obfuscated client-side code and encrypted WebSocket communication. Sends unique challenges to distinguish human users from automated bots, scoring clients from 0 to 1 and blocking endpoints based on security thresholds.
JavaScript · WebSocket · SHA256 Encryption · Code Obfuscation · Bot Mitigation
JavaScript Obfuscator
Advanced obfuscation tool built with Babel for code security. Transforms JavaScript code into highly obfuscated versions that are extremely difficult to reverse engineer, protecting intellectual property and preventing code analysis.
JavaScript · Babel · Code Obfuscation · AST Transformation
OSAuto
Collection of web-automation bots created for strictly educational purposes. Demonstrates various automation techniques and patterns for web interaction and task automation.
Python · Web Automation · Browser Automation
Complete Sneaker Bot Suite
Full-stack automation system with React frontend, Firebase backend, Stripe payments, and key management. Supports multiple retail platforms with advanced bot mitigation bypass.
React · Firebase · Stripe · Node.js · Bot Mitigation
BetterVue Public
Reverse-engineered high school gradebook API to implement a complete modern redesign with enhanced features and improved user experience.
JavaScript · Vue.js · UI/UX · Frontend