rodneystanley2025/README.md

Hi, I'm Rodney Stanley

Quality Assurance Engineer → Cybersecurity & AI Red Teaming (LLM Security)
📍 Eden Prairie, MN
📧 rodney_stanley@hotmail.com
🔗 LinkedIn


👋 Overview

I bring 20+ years of experience delivering high-quality, secure software and now apply that testing discipline to cybersecurity and AI red-teaming.

My focus is on systematically identifying failure modes in AI systems, documenting risk, implementing mitigations, and validating defenses through structured adversarial testing. I am especially interested in how traditional QA and abuse-case thinking translate into effective AI security practices.

I document both what works and what fails, because realistic security depends on understanding both.

Recent work focuses on detecting and mitigating crescendo-style multi-turn attacks, including cross-turn risk accumulation, decay, and post-mitigation adversarial replay.


🔴 AI Red Teaming & LLM Security Research

I focus on why AI systems fail over time, not just how they fail on a single prompt. My work shows how multi-turn interaction, context accumulation, and misplaced trust lead to real-world security breakdowns that single-turn testing routinely misses.

I design and execute structured AI red-team exercises against LLM-powered systems, emphasizing realism, documentation, and defense-in-depth rather than one-off prompt tricks.

My work focuses on:

  • Prompt-based adversarial testing (memory evasion, authority abuse, policy contradiction)
  • Multi-turn adaptive attack scenarios, including crescendo-style escalation and cross-turn pressure testing
  • Canonical denial design and statelessness enforcement
  • Training data claim suppression
  • Evidence-based mitigation and residual risk analysis
  • Stateless semantic risk scoring and escalation thresholds
  • Cross-turn risk accumulation with deterministic decay (no conversational memory)

⭐ Featured Project: Staged AI Red Team Lab (Multi‑Turn LLM Failure Analysis)

A full end-to-end red-team exercise designed to expose multi‑turn and orchestration failures in a locally hosted LLM API…, following a staged methodology similar to internal security assessments.

What this project demonstrates:

  • Threat modeling for LLM-backed services
  • Adaptive adversarial prompt design
  • Multi-turn pressure testing
  • Code-level policy enforcement
  • Post-mitigation retesting
  • Formal security documentation

Key Artifacts Produced:

  • Stage-based findings reports
  • Mitigation and risk assessment plans
  • Residual risk register
  • Security posture and controls matrix
  • Known limitations and non-goals
  • Adversarial evasion analysis and “where I would attack next” assessment

🔗 Repository: https://github.com/rodneystanley2025/ai-red-team-lab


🛠 Applied Security Engineering Projects

SecureConfigAI — AI-Powered Configuration Scanner

Scans infrastructure and application configuration files (YAML, JSON, INI, TOML, etc.) for OWASP Top 10–style misconfigurations using a combination of rule-based analysis and AI-assisted review.

  • Identifies insecure defaults, excessive permissions, exposed secrets, weak encryption, and dangerous functions
  • Combines deterministic rules with LLM-assisted analysis
  • Built with Python, Pydantic, LangChain, and open-source security rulesets
  • Designed for extensibility and future CI/CD integration

🔗 Repository: https://github.com/rodneystanley2025/SecureConfigAI


🧪 Security Labs & Hands-On Experience

  • AI Red Teaming Labs – Prompt injection, memory evasion, authority abuse, crescendo escalation, and policy contradiction testing
  • API Security Testing Lab – Reconnaissance and testing with Burp Suite, Postman, Nmap (APISec University)
  • Vulnerability & Abuse-Case Testing – Volunteer Security QA at Chance AI (Dec 2024 – Mar 2025)
  • Python & Security Automation – 400+ consecutive days on CodeSignal Learn (top percentile rankings)

🏆 Certifications

  • CompTIA Security+ (SY0-701) – 2025
  • Cisco CCST Cybersecurity – 2025
  • Certified Scrum Master (CSM) – 2024
  • ISTQB Certified Tester Foundation Level (CTFL) – Since 2007
  • Certified AI Security Expert (Msec-CAIS) – In Progress

💻 Technical Focus Areas

AI & Security:
LLM Security, AI Red Teaming, Prompt Injection, Crescendo Attacks, Abuse-Case Testing, Defense-in-Depth

Security Tools:
Burp Suite, Nmap, Wireshark, Postman

Cloud & Infrastructure:
Azure, AWS, Docker, Kubernetes

Testing & Automation:
Selenium, C#, Azure DevOps, JIRA

Python & AI Tooling:
Python, Pydantic, LangChain, OpenAI/Groq APIs, Pandas


📫 Let’s Connect

I’m always open to conversations about:

  • AI red-teaming and LLM security
  • Secure SDLC and abuse-case testing
  • Career transitions into cybersecurity and AI security

🔗 LinkedIn
📧 rodney_stanley@hotmail.com


⭐️ From Rodney Stanley

Popular repositories

  1. ai-red-team-lab (Public)

    Flagship Project: Staged AI Red Team Lab

    Python 1

  2. rodneystanley2025 (Public)

  3. SecureConfigAI (Public)

    The **AI-Powered Config Scanner** is a proof-of-concept web-based application designed to elevate cybersecurity posture by meticulously analyzing configuration files for potential vulnerabilities

    Python