Avery Hughes, B.S. Cybersecurity
----------------------------------------------
About

I'm a cybersecurity professional with a passion for tackling tough technical projects and always improving my skills. I have experience in Linux systems administration and penetration testing.

Outside of work, I stay active in the cybersecurity community by participating in and organizing conferences and workshops, always learning and networking with others.

Contact Information

You can reach me via the following methods:

WORK EXPERIENCE
1. Undergraduate Research Assistant
February 2025 - Present
  • Authored and published a peer-reviewed paper, “SecLog: Atomic-swap Based Secure Logging for Decentralized Data Sharing”, presented at the 2025 International Conference on Metaverse.
  • Designed and implemented decentralized database backend systems for Web3DB, enabling secure schema registration, IPFS data storage, and blockchain-based indexing for distributed queries.
  • Developed and integrated FastAPI services with Web3DB’s smart contract infrastructure, supporting schema inference, parquet conversion, and CID-based indexing on Ethereum test networks.
  • Conducted performance evaluations of blockchain-backed logging and query execution, analyzing gas costs, transaction overhead, and distributed query latency across IPFS datasets.
  • Collaborated with research and engineering teams to advance decentralized data-sharing standards, ensuring scalability, security, and usability in Web3 applications.
2. Soon
July 2024 - September 2024
  • Conducted thorough internal, external, and web application penetration tests, identifying critical vulnerabilities across diverse client environments.
  • Performed cloud and API penetration tests, uncovering key security flaws and providing actionable remediation recommendations.
  • Executed comprehensive vulnerability assessments, using tools like Nessus and Burp Suite, to help clients improve their overall security posture.
  • Authored detailed reports outlining findings, risks, and mitigation strategies tailored for both technical teams and executive-level stakeholders.
3. soong
September 2022 - June 2024
  • Led penetration tests, including internal and external network, web, API, social engineering, and wireless exploitation.
  • Developed and presented detailed reports outlining findings, risks, and recommendations to technical and non-technical stakeholders.
  • Orchestrated the entire penetration testing process, from initial scoping discussions to final delivery, ensuring a seamless and effective engagement.
  • Supported the vCISO and audit teams in delivering customized and comprehensive recommendations to clients.
4. soon
May 2021 - September 2022
  • Managed various security-related technologies, leading to a 40% increase in EDR coverage across the environment.
  • Designed and implemented Bash, Powershell, Ansible, and Expect scripts to automate risk monitoring and environment security.
  • Collaborated with different departments and stakeholders to ensure compliance with the PCI-DSS standards.
  • Orchestrated patch management of over 3,000 devices using Jamf Pro, resulting in an 80% improvement in patch coverage.
5. soon
May 2020 - May 2021
  • Recommended, installed, and configured networking equipment and server hardware for a new office location.
  • Deployed, administered, and configured network services, including IPS, OpenVPN, LDAP, and RADIUS, within the environment.
  • Created and managed a secure, segmented network file server for business records, supporting data digitization.
  • Developed and implemented technical policies, documented assets, and established standard operating procedures for IT resources.
INDUSTRY CONTRIBUTIONS
1. hmmm
August 2023 - Present
  • Participated in WRCCDC, MWCCDC, and MACCDC as a member of the red team, simulating cyber-attacks to test the defenses of teams.
  • Developed and executed strategies for network penetration testing and post-exploitation tasks in a competitive environment.
  • Collaborated with a team of cybersecurity experts to create realistic threat scenarios, enhancing the learning experience for blue team participants.
  • Utilized a variety of tools and techniques for ethical hacking, including network scanning and scripting custom attack vectors.
2. hmmmm
June 2023 - September 2023
  • Two-time speaker at The Churubusco Chamber of Commerce, educating business leaders on cybersecurity best practices.
  • Engaged in fruitful discussions with attendees, providing tailored insights to enhance organizations' cybersecurity posture.
3. hmmmm
October 2021 - Present
  • Led team in the creation and documentation of CTF challenges for the annually recurring BSides Fort Wayne CTF.
  • Coordinated with organizers leading up to the event to architect and design the BSides Fort Wayne conference.
  • Built recurring offensive security labs and learning meetups, serving as a mentor on penetration testing and CTFs.
4. Team Lieutenant | Linux Lead & Co-Offsec Lead at Indiana Tech Cyber Warriors
August 2024 - Present
  • Managed a 20-member team in diverse specializations, including Linux, penetration testing, Windows, networking, and GRC.
  • Prepared for and participated in various cyber defense competitions, such as CPTC, CyberForce, Hivestorm, NCL, and CCDC.
  • Oversaw the development of training materials for team members, including Linux labs and CTF challenges.
  • Engaged in semi-monthly 8-hour-long purple team events to ensure robust penetration testing and hardening abilities.
  • Designed and deployed complex 25+ server network topologies with diverse Windows, Linux, and ESXi services to practice within.
  • Achieved the teams highest placement in the National CCDC competition against schools like UCF and Stanford.


------------------------------------------------

 Completed in 0.01s