Resume
Cole Banman
Education
Northeastern UniversityExpected 2029
B.S. Computer Science & Business Administration
GPA: 3.7/4.0
Study Abroad: London, UK (Freshman Year, 2025–2026)
Skills
| Languages & Frameworks | TypeScript, React, Next.js, Node.js, Bun, Python |
| Platforms & Tools | Vercel AI SDK, Railway, Supabase, Chrome Extensions, WebSockets |
| Specializations | Browser Automation, API Security, Reverse Engineering |
Experience
Software Developer (Contract)Feb 2026 - Present
Northeastern University LondonLondon, UK
- Contracted by the university to design and develop a full-stack application aggregating internship and career opportunities for students (Next.js, Supabase), covering architecture, database design, implementation, and stakeholder communication.
- Integrated and normalized job listings by reverse engineering job-board workflows (LinkedIn, Handshake, Google Careers) via network traffic analysis and API modeling, surfacing relevant roles in one centralized interface.
Bug Bounty & Vulnerability Research2024 – 2025
Independent Security ResearcherRemote
- Discovered a critical authorization flaw in Vercel's AI SDK that allowed unrestricted access to AI models; responsibly disclosed and awarded a four-figure bounty.
- Found and reported an API vulnerability in JD Sports' mobile app that exposed sensitive store data; the company redesigned the affected platform in response.
Founder & Lead Engineer2023 – 2025
Flow MonitorsRemote
- Built a real-time inventory monitoring platform serving 20,000+ users, integrating with retail APIs protected by enterprise security systems (Kasada, Akamai, Shape) to deliver reliable data pipelines and instant stock alerts.
- Designed the alerting infrastructure from scratch and grew the product to $3.5K+ monthly recurring revenue with zero outside investment.
Projects
Reverser
AI agent that autonomously navigates websites, monitors network activity, and identifies potential security vulnerabilities—automating the early stages of bug bounty research.
AI agent that autonomously navigates websites, monitors network activity, and identifies potential security vulnerabilities—automating the early stages of bug bounty research.
Grabbit (CLI & Browser Extension)
AI-powered tool that watches how you use a website and generates reusable automation scripts. Includes a Chrome extension that finds the API behind any data on a page and generates ready-to-use code. Built with Next.js, Vercel AI SDK, and Railway.
AI-powered tool that watches how you use a website and generates reusable automation scripts. Includes a Chrome extension that finds the API behind any data on a page and generates ready-to-use code. Built with Next.js, Vercel AI SDK, and Railway.
ScrambleBench
Benchmarking suite that measures how well AI models can understand and reverse scrambled JavaScript code, testing comprehension across different obfuscation techniques.
Benchmarking suite that measures how well AI models can understand and reverse scrambled JavaScript code, testing comprehension across different obfuscation techniques.