Kien Do

Kien Do

Software Developer & Security Researcher — Ottawa, Canada

Scroll down
// about

Who I am

"I like building software... then breaking it."

My journey began with coding small C++ games, crafting elegant React frontends, and developing large-scale Python automation frameworks. As a software developer, I will always look for opportunities to improve my craft, from designing prettier UIs to engineering more resilient backend infrastructures.

I have also immersed myself in the field of cybersecurity, diving into computer networks, web and mobile security, threat intelligence, and red teaming. I have studied the entire attack chain, from reverse engineering applications to exploring the nuances of malware creation and delivery.

Currently, I am exploring the field of operating systems and low-level programming as an EDR agent software developer. This includes developing in C, C++, Rust, and applying concepts in multithreading, memory management, IPC, performance engineering, OS internals, compilers, and build systems.

Am I a software developer? Am I a security researcher? Maybe both. As I continue to progress in my career, I aim to blend the "building" and "breaking" aspects of these two fields to create software that can stand firm under any pressure.

// experience

Where I've worked

Software Developer @ TrendAI
Feb 2026 — Present
Vision One™ AI Application Security
Founding member of "AI Scanner", an LLM vulnerability scanner that uncovers hallucination, data leakage, prompt injection, misinformation, and jailbreaks prior to production deployment.
Go · Rust · AI Security · MITRE ATLAS · Prompt Engineering
AI Scanner ↗ Sockpuppeting ↗
Software Developer @ Trend Micro
Feb 2025 — Feb 2026
Vision One™ Endpoint Security
Developed low-level endpoint security features for the Deep Security Agent, securing 250 million endpoints. Built cross-platform policy controls, performance benchmarking infrastructure, and agent metrics collectors. Handled 30+ customer escalations (P0-P2) and mentored CO-OP students.
C++ · C · Rust · Lua · Python · AWS · GitHub Actions · WinDbg · Linux · IBM AIX
Endpoint Security ↗ Deep Security ↗
Software Developer @ Government of Canada
Sep 2024 — Dec 2024
Built pre-release frontend features for a large-scale data reporting application, resolving production bugs and remediating high-severity security vulnerabilities.
React · TypeScript · Cypress · Docker · E2E testing
Security Researcher @ University of Ottawa
Jan 2024 — Dec 2024
Adversary Simulation & OSINT Cyber Threat Intelligence
Investigated an APT group's attack patterns on a Canadian telecom provider by recreating their exploits in a controlled environment against an enterprise EDR solution, profiling their TTPs and developing detection signatures. Researched cyber threats and developed a Telegram OSINT tool capable of collecting 20M+ messages, users, and metadata records per day.
Atomic Red Team™ · MITRE ATT&CK® · Elastic Security SIEM · Python · Telethon · Elastic Stack
Scattered Spider Report ↗
// projects

Things I've built

Claude Cheevos
Go · Bash · Claude Code
A gamification achievement system for Claude Code that tracks coding milestones, tool usage, and workflow patterns. Features an interactive web dashboard, 140+ achievements, and integrates as a custom slash command.
Repository ↗
C Compiler in Rust
Rust · x86-64
C compiler in Rust targeting x86-64; implements lexing, parsing, type checking, and code generation.
Repository ↗
AI Minion
Python · LangChain · GPT-4o · Claude Code · ChromaDB · MCP
An autonomous AI Software Developer that manages complete software development workflows — from meeting transcripts to deployed code. Features MCP integration with 105 tools, RAG-based knowledge system, and automated Confluence docs & GitHub PRs. 1st Place @ Trend Micro AI Hackathon 2025 (Canada & USA).
Repository ↗
Bohnanza
C++14
A C++ implementation of the Bohnanza card game featuring object-oriented design with inheritance, polymorphism, factory patterns, and STL containers.
Repository ↗
LunchBox AI
Python · TensorFlow · OpenCV · Slackbot API · MobileNet V2 SSD
Real-time crowd detection with 90% accuracy, notifying users via Slack with estimated wait times. 1st Place @ Trend Micro Canada Hackathon 2024.
Repository ↗ Post ↗
Job Market Trends Analysis
Python · Docker · Postgres · Pandas · PowerBI · Scikit-Learn
An enriched data mart to analyze job market trends from 2021 to 2023 through OLAP queries, BI dashboard creation, and data mining.
Repository ↗
uOBites
React-TypeScript · Bootstrap · SASS · Flask · Postgres · Cypress
A food ordering web application for uOttawa campus food outlets.
Repository ↗ Demo ↗
Restaurant People Detection
Python · OpenCV · NumPy · PyTorch
Detection of people in video sequences using image processing and CNNs.
Repository ↗
Network Socket Simulation
Java · TCP/IP · IPv4
Client-server IPv4 packet encapsulation/de-encapsulation via TCP/IP sockets with checksum validation.
Repository ↗
Netcat NMAP Lab
Kali Linux · Netcat · NMAP
NMAP port scanning and Netcat banner grabbing lab on Kali Linux.
Repository ↗
Student TA Simulation
C
Multi-threaded TA-student meeting simulation addressing deadlock and starvation using semaphores and mutex.
Repository ↗
SQL Injection Labs
Python · Burp Suite · SQL
PortSwigger Web Security Academy SQL Injection lab notes.
Repository ↗
Auth Vulnerabilities Labs
Python · Burp Suite
PortSwigger Web Security Academy Authentication Vulnerabilities lab notes.
Repository ↗
AzoCyber
React-TypeScript · BlueprintJS · SASS · Docker
Website for a fictional cybersecurity company, focusing on UI design and analysis.
Repository ↗ Demo ↗
Grappling Arts Website
React · Bootstrap · SASS
Website for a martial arts business (Judo, BJJ, Wrestling) with user-centered design.
Repository ↗ Demo ↗
DBSCAN Taxi Clustering
Java · Go · Prolog · Scheme
Multi-paradigm MapReduce DBSCAN clustering of 200,000 taxi trip GPS records.
Repository ↗
Dental Clinic Management
PHP · Postgres · Heroku
DCMS for a dental centre with clinics across Canada.
Repository ↗ Demo ↗
Job Matching System
Java
Employer-student matching using the Gale-Shapley algorithm.
Repository ↗
Fallout 4 — Pipboy
HTML · CSS · Bootstrap · jQuery
A clone of the Pipboy from Fallout 4.
Repository ↗
Fitness Booking App
Java · JUnit · Firebase · Android Studio
Android gym management app for booking fitness classes.
Repository ↗
CSS Battles
CSS
Solutions for CSS-Battles challenges.
Repository ↗
Maze Game
C++
CLI maze game with DFS solving algorithm and a hard mode with restricted visibility.
Repository ↗ Demo ↗
LaTeX
LaTeX
Math, CS, and engineering coursework in LaTeX (English & French).
Repository ↗
// publications

Writing & Research

Sockpuppeting: How a Single Line Can Bypass LLM Safety Guardrails
Trend Micro Research · 2026
Technical blog on AI security — exploring how a single-line prompt injection technique can bypass LLM safety guardrails through sockpuppeting.
Read Article →
Low-Noise EC2 Benchmarking: A Practical Guide
DEV Community · 2026
Practical guide on reducing benchmark variance from ~40% to <5% on AWS EC2 by configuring dedicated instances, disabling hyperthreading, locking CPU frequency, and eliminating swap.
Read Article →
Fortifying EDR Solutions Using APT Simulations
University of Ottawa Research · 2024
Comprehensive report of Atomic Red Team attack simulations against Elastic Security, based on Scattered Spider tactics and aligned with the MITRE ATT&CK framework.
Read Report →