{"id":19938109,"url":"https://github.com/dweinstein/dweinstein","last_synced_at":"2026-03-19T12:39:30.369Z","repository":{"id":174964743,"uuid":"615914882","full_name":"dweinstein/dweinstein","owner":"dweinstein","description":null,"archived":false,"fork":false,"pushed_at":"2025-06-13T20:14:54.000Z","size":44,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-06-13T21:25:04.345Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dweinstein.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2023-03-19T03:33:54.000Z","updated_at":"2025-06-13T20:14:58.000Z","dependencies_parsed_at":null,"dependency_job_id":"addea7ac-8276-4390-9688-ed954ce9432d","html_url":"https://github.com/dweinstein/dweinstein","commit_stats":null,"previous_names":["dweinstein/dweinstein"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/dweinstein/dweinstein","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dweinstein%2Fdweinstein","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dweinstein%2Fdweinstein/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dweinstein%2Fdweinstein/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dweinstein%2Fdweinstein/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dweinstein","download_url":"https://codeload.github.com/dweinstein/dweinstein/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dweinstein%2Fdweinstein/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30133299,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-05T14:41:47.141Z","status":"ssl_error","status_checked_at":"2026-03-05T14:41:21.567Z","response_time":93,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-12T23:38:22.980Z","updated_at":"2026-03-05T15:33:30.429Z","avatar_url":"https://github.com/dweinstein.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"[![GitHub](https://img.shields.io/badge/GitHub-%40dweinstein-239a3b.svg)](https://github.com/dweinstein)\n[![Twitter](https://img.shields.io/badge/Twitter-%40insitusec-58a1f2.svg)](https://twitter.com/insitusec)\n[![LinkedIn](https://img.shields.io/badge/Linked-in-0c66c3.svg)](https://www.linkedin.com/in/dweinst/)\n![](https://komarev.com/ghpvc/?username=dweinstein)\n\n\n## CTO, Researcher, Developer, Security, Privacy, AI, and product development enthusiast\n\nHi there! I'm David, a passionate developer, early adopter, and team builder. I love solving hard problems at any scale or part of the stack.\n\n### 🔧 Projects \u0026 Contributions\n* 📱 At [NowSecure](https://www.nowsecure.com/), I work with the product management, development, engineering, and research teams to enable automated application security and risk management solutions at scale.\n* :tophat: Although a significant portion of my work is for private companies, I enjoy contributing to communities while hacking on various hobby projects. I also like exploring radical new approaches to knowledge and code management e.g., [Glamorous Toolkit](https://github.com/feenkcom/gtoolkit), or fixing less maintream, more niche technical things like [Erlang](https://www.erlang.org/) client generation for the [openapi-generator](https://github.com/OpenAPITools/openapi-generator) project. In the past, I developed a [Node.js API client](https://github.com/dweinstein/node-google-play) for the Google Play Store to download APKs. I rewrote that client in Rust [here](https://github.com/dweinstein/rs-google-play), which was [forked by EFF](https://github.com/EFForg/rs-google-play).\n* 🗃️ [db_sampler](https://github.com/dweinstein/db_sampler): An Elixir tool for sampling rows from PostgreSQL databases and exporting to NDJSON. Supports table sampling with limits/ordering and SQL templates with EEx. Built with the adapter pattern for testability. [Docs](https://dweinstein.github.io/db_sampler/)\n* 🔍 [deps_checker](https://github.com/dweinstein/deps_checker): A Python tool for identifying vulnerable dependencies in mobile applications by analyzing SBOM data. Targets npm supply chain attacks and cross-references against known vulnerable package versions. Zero external dependencies, CI/CD friendly.\n* 🚀 I particularly like working in areas where I can leverage a broad set of skills ranging from AI, APIs, mobile technologies, reverse engineering, security, and privacy. I enjoy working with product and technology teams, collaborating on all sorts of challenging problems and projects within an enterprise B2B organization.\n* 🛠️ Lately I use a lot of tools especially [Glamorous Toolkit](https://github.com/feenkcom/gtoolkit), [Frida](https://github.com/frida/frida), [Radare](https://github.com/radareorg/radare2), and working on projects involving iOS or Android, [mitmproxy](github.com/mitmproxy/mitmproxy), and more.\n* 🐳 I've been an early adopter of many new technologies and like to rediscover old technologies and make them new. Sometimes I document my learnings through blog posts, e.g., [some handy docker articles from 2014](http://bitjudo.com/blog/2014/03/13/building-efficient-dockerfiles-node-dot-js/), which was back in the early days when everyone was learning how best to use containerization with development projects.\n* 🧠 Currently thinking a lot about things interconnected with AI, product management, cybersecurity, development, and operations.\n\n### 🛡️ Resources \u0026 Blog Posts\n* 🔗 I try and maintain [awesome-frida](https://github.com/dweinstein/awesome-frida): A curated list of awesome projects, libraries, and tools powered by Frida.\n* 📖 [OWASP Crackme Solution solved with Frida](https://www.nowsecure.com/blog/2017/04/27/owasp-ios-crackme-tutorial-frida/): I wrote this a long time ago to provide a comprehensive guide on solving a OWASP Crackme challenge for mobile app security enthusiasts while showcasing some of the amazing tools we've built.\n* 🌩️ [Cloudbleed Vulnerability and its Impact on Mobile App Security](https://www.nowsecure.com/blog/2017/02/23/cloudflare-cloudbleed-bugs-impact-mobile-apps/): An example that demonstrates the type of data I've worked with a deep dive into the Cloudbleed vulnerability and its implications for mobile app security at the time.\n* [Post-Quantum Cryptography: Security in Mobile Apps](https://www.linkedin.com/pulse/post-quantum-cryptography-security-mobile-apps-david-weinstein?utm_source=rss\u0026utm_campaign=articles_sitemaps) An article I wrote about quantum's impact on mobile apps.\n* [September 8, 2025 - Major NPM Supply-Chain Attack: Potential Impact on Mobile Applications](https://www.nowsecure.com/blog/2025/09/08/major-npm-supply-chain-attack-potential-impact-on-mobile-applications/)): Attackers compromised popular packages like `chalk`, `debug`, and `ansi-styles` with over 2 billion weekly downloads, injecting malware designed to intercept cryptocurrency transactions and steal credentials.\n* [September 16, 2025 - New NPM Supply Chain-Attack Hits 187 Packages — Here’s Why Mobile Apps Are Still at Risk](https://www.nowsecure.com/blog/2025/09/16/new-npm-supply-chain-attack-hits-187-packages-heres-why-mobile-apps-are-still-at-risk/): 187 additional packages were compromised, some even poossibly targeting mobile development ecosystems including NativeScript, Angular mobile components, and React Native adjacent packages.\n\n\n### 🌟 My Skills \u0026 Expertise\n* 📈 I enjoy helping customers solve challenges, discussing growth opportunities, entrepreneurship.\n* 🚀 Proficient in TypeScript/JavaScript/Node.js, Smalltalk/Pharo, Rust, Erlang, Python, C/C++, and other languages with a REPL, hot code loading, and convenient FFI.\n* 🤖 Experienced with various product management tools, frameworks, and platforms... I'm always eager to learn and adopt or adapt old and new technologies.\n* 🌉 Skilled in fostering collaboration and building strong relationships with my team members and business stakeholders ranging from super technical to non-technical alike.\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdweinstein%2Fdweinstein","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdweinstein%2Fdweinstein","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdweinstein%2Fdweinstein/lists"}