Pentest MCP
Forked & extended an interesting project from a workshop attended at BSides PDX. The project enables AI agents to perform pentesting tasks traditionally carried out by human cybersecurity analysts.
About Me
My name is Marc Chenard, and I'm a computer scientist who specializes in cybersecurity and AI. I'm particularly focused on using this skillset to serve scientific and medical organizations.
I'm just wrapping up my Master's in Computer Science on the Security track at Portland State University, having also completed the graduate cybersecurity certificate. Before that, I got my undergraduate degree in Biology from PSU's Honors College, minoring in Neuroscience.
Shifting from natural sciences to sharpening my technical skills, I've had the chance to work for organizations that align with my values, using my interdisciplinary background to work on technical projects aiming to improve health outcomes.
Previous Work
I joined an interdisciplinary team of clinical and technical interns to research how AI and vocal biomarkers might help screen and diagnose disease. I learned about the physiology of voice production, machine-learning algorithms suited for acoustic signals and speech, and the ethical questions that emerge where predictive and generative AI meet health data.
I collaborated with team members with backgrounds in general surgery, public health, computer science, and biomedical informatics. I contributed to a Python codebase built with pandas, scikit-learn, and a suite of audio processing tools. I also competed in my first hackathon in Tampa, taking on AI challenges alongside interns from OHSU, Cornell, Washington University, and the University of South Florida. My hackathon team's work spun off into an independent research project exploring what baseline voice might look like in the domain of mood disorder prediction.
Learn More:
I served as an intern in Dana Foundation's NextGen Program, which fosters a new wave of interdisciplinary experts to revolutionize neuroscience and neurotechnology by prioritizing societal needs. I reviewed and discussed incoming grant proposals to assess alignment with program goals and ethical factors.
I attended key Dana events, like the NJAM (Neurotech Justice Accelerator at Mass General Brigham) meeting during Neuroscience 2024 in Chicago. I also delved into the ethical challenges of emerging neurotechnologies, exploring impacts on future science, health data privacy, and innovative grant proposals in cutting-edge neuroscience and neurotech.
For the past year and change, I delivered lectures citing intermediate C++ syntax for CS163 Data Structures while cultivating a supportive and fun classroom environment. I helped undergraduate students master object-oriented programming, abstract data types, data structures, and algorithms using C++.
Additionally, I served as a TA for CS250 and CS251 Discrete Structures I & II, as well as CS486/586 Database Management Systems. Balancing a full-time graduate course load, I stayed organized to grade and provide timely and meaningful feedback on hundreds of assignments.
Education
Coursework included: CS510 IoT Security, CS554 Software Engineering, CS563 Web Development, CS510 Data with Python, CS510 Secure System Administration and DevOps, CS591 Computer Security, ETM562 New Venture Management, CS595 Web & Cloud Security, CS510 AI & Humanities, CS510 Exploring Fractals, CS530 Internet Web & Cloud Systems, CS540 Deep Learning, CS584 Algorithm Design & Analysis, CS532 Operating System Foundations
Graduated with a major in Biology and a minor in Neuroscience out of Portland State's Honors College. Assisted as the Community Outreach Coordinator of PSU's Neuroscience Club. Volunteered with NW Noggin, and wrote an undergraduate thesis garnering over 350 downloads. Some of my favorite classes included:
BI447 Scientific Teaching, BI412 Animal Behavior, PSY434 Psychopathology, PSY450 Psychopharmacology, BI416 Marine Mammals, BI330 Plant Biology
Selected Projects & Workshops
INL CyberStrike Workshop
I completed Idaho National Lab’s CyberStrike 'Lights Out' workshop, an immersive simulation based on real-world cyber attacks against Ukraine's power grid. Working hands-on with tools like Kali, Metasploit, and Wireshark, we traced MITM attacks, did firmware analysis, and learned defender strategies.
Fractals Generated with C
There is something to be said about the persistance required to write this kind of C -- there are several interesting programming paradigms being used here. In the case of IFS (iterated function systems) I'd argue a solution 99% of the way to being correct looks just as wrong as a 10% finished solution.
Programmatic API Pentesting
Here is some python code I wrote to solve the API testing challenges on Portswigger. I wrote these as a programmatic solution to the challenges (as opposed to clicking through something like the burpsuite UI like one might expect) for a challenge in CS595 Internet Web & Cloud Security.
marcchen.net (This Website!)
This website is a custom-built site made with the vanilla web stack, source-controlled on GitHub and deployed for free. It is configured to serve content through my custom domain marcchen.net.