My employment history is listed below, but you can also find it over on LinkedIn, and for my open source work, please check out my GitHub profile. Also, you can email me at [email protected] if you would like a more formal resume.
Stephen Rees-Carter
Stephen is a security consultant and crusted-on PHP developer who spends his days doing Laravel Security Audits and Penetration Tests. When he’s not trying to hack his clients’ websites, he teaches Laravel developers about security concepts and how to think like a hacker through his Laravel Security in Depth mailing list and Practical Laravel Security course. His conference talks have been described as “terrifying magic tricks” that show just how easy it is to hack into a vulnerable site and cause mayhem.
Currently Working
Laravel Security Audits and Penetration Testing
Since January 2022, I’ve been doing contract security audits and penetration tests for PHP and Laravel apps. It involves reviewing my clients’ code, finding weak and vulnerable code, demonstrating exploits on staging environments, and reporting all findings plus recommendations.
Practical Laravel Security
Launched in November 2022, Practical Laravel Security is a hands-on course that uses interactive hacking exercises to teach you how to keep your Laravel applications secure. I am building the full course, writing all the materials, and setting up the interactive challenges.
Laravel Security in Depth
Since September 2021, I’ve been writing weekly emails about Laravel and PHP security for developers. The posts cover a wide range of security topics and involve research, example code, and even some interactive examples. The longer In Depth posts are paywalled, but I can provide preview links if you would like to review my writing.
Open Source Contributions
My GitHub contains my open source work, and I’ve recently submitted a couple of Pull Requests to Laravel with a security focus.
Talks & Presentations
2020
WordCamp Asia (Event Cancelled)
WordSesh APAC
Laracon EU Online
LaravelConf Taiwan
NDC Sydney
2015
New Zealand PHP Conference
2018
Qualifications & Certifications
EC-Council Certified Ethical Hacker (v10, 2020)
CompTIA Security+ Certified (SY0-501, 2019)
Bachelor of Engineering in Software Engineering (University of Canberra, 2007)
Winner of the Engineers Australia ITEE Student Presentation Awards Night 2007
Employment
Valorin Security
Friendly Hacker / Director
January 2022 → Present
(Company founded July 2022)
WithExtraVeg
Technical Manager
March 2018 → January 2022
Defiant / Wordfence
Senior Developer
July 2018 → July 2021
Security Analyst
Jan 2017 → Jul 2018 (casual)
Award Force
Technical Lead & Lead Security Analyst
August 2016 → July 2018
Senior Engineer
March 2015 → August 2016
Verve Ed — Casual Developer
February 2016 → May 2017
KiezelPay — Casual Developer
December 2015 → December 2016
InterSect Alliance International
Product Manager
June 2013 → February 2015
Software Engineer / Security Analyst
June 2012 → June 2013
Uber Global / AussieHQ
Platform Engineer / Systems Developer
June 2008 → May 2012