Education

Stanford University

  • MS, Computer Science (Computer and Network Security) 2018 - 2020
  • BS, Computer Science (Systems) 2008 - 2012

Companies I Founded

Socket — Founder & CEO 2020 - present

  • Socket is a developer-first security platform that protects critical apps from software supply chain attacks.
  • Protecting 5,000+ organizations and 250,000+ repositories.
  • Customers include top organizations in tech, media, manufacturing, and finance — including OpenAI, Figma, Anthropic, Vercel, Mistral, Brave, SymphonyAI, Metamask, Drata, Harvey AI, Replit, Alchemy, Sanity, Expo, and Phantom,
  • Raised $25M from Andreessen Horowitz, Elad Gil, Dylan Field, Abstract Ventures, Nat Friedman, Julia and Kevin Hartz, Wndrco, Michael Ovitz, Arash Ferdowsi, Jawed Karim, Aaron Levie, Guillermo Rauch, Freddy Kerrest, and Unusual Ventures. (See Series A and Series Seed)

PeerCDN — Founder & CEO Mar 2013 - Dec 2013

Study Notes — Founder 2007 - 2019 code

  • Offers study tools and college prep to high school students.
  • Reaches 800,000+ U.S. students each month.
  • Students spend 3,300+ hours studying on Study Notes each day.

Open Source Projects I Started

BitMidi — Author & Maintainer 2018 - 2019 code

  • Listen to MIDI files, curated by volunteers around the world.
  • Supports in-browser playback using a WebAssembly MIDI player.
  • Reaches 150,000 users per month.

WebTorrent Desktop — Author & Maintainer 2016 - 2022 code

  • Lightweight, fast torrent app for Mac, Windows, and Linux.
  • Supports instant streaming – no need to wait for download.
  • Installed 30,000 times per month.

WebTorrent — Author & Maintainer 2013 - 2022 code

  • The first torrent client that works in the browser.
  • Connects website users together to form a distributed, decentralized browser-to-browser network for efficient file transfer.
  • BitTorrent over WebRTC for in-browser peer-to-peer transport.
  • See the WebTorrent FAQ to learn more.
  • JavaScript library is loaded 60 million times per month.

Standard JS — Author & Maintainer 2015 - 2022 code

  • JavaScript style guide, with linter, & automatic code fixer.
  • The easiest way to enforce consistent style in JavaScript projects.
  • Installed 4.3 million times per month.

Many Open Source Projects — Author & Maintainer 2013 - present code

Experience

Stanford University — Visiting Lecturer Sep 2019 - Sep 2023

  • Created a brand-new course CS 253: Web Security.
  • Principles of web security, attacks and countermeasures, the browser security model, web app vulnerabilities, injection, denial-of-service, TLS attacks, privacy, fingerprinting, same-origin policy, cross site scripting, authentication, JavaScript security, emerging threats, defense-in-depth, and techniques for writing secure code. Course projects include writing security exploits, defending insecure web apps, and implementing emerging web standards.

JS Party Podcast — Panelist Mar 2018 - Dec 2023

  • A community celebration of JavaScript and the web.

Brave Software — Independent Consultant Dec 2016 - Dec 2021

  • Integrated my WebTorrent open source library into Brave Browser.
  • Provide ongoing support for WebTorrent issues.

Stanford University — Teaching Assistant Fall 2018 - Winter 2020

Node.js Foundation — Board of Directors Jan 2016 - Jan 2017

Yahoo — Software Engineer Dec 2013 - Feb 2015

  • Sold my company PeerCDN to Yahoo in December 2013
  • Built fast, mobile-first HTML5 video player

Stanford University — Teaching Assistant Winter 2012

Quora — Software Engineer Intern Summer 2011

  • Developed and launched the embedded video feature.
  • Ported lots of Python code to Scala code.

Facebook — Software Engineer Intern Summer 2010

  • Developed and launched Facebook Groups to 500 million Facebook users, on a team of only 5 engineers in 4 months.
  • Facebook Groups offers users a shared space to share stuff, chat, and keep in touch with small groups of friends.
  • Implemented new HTML email design, incoming email handler, and member management UI.

Stanford University — Section Leader Winter 2009 - Fall 2011

Intel — Web Developer & Videographer Summer 2007 & Summer 2008

  • Worked at Intel in high school, for two summers
  • Built an internal video portal to improve manager-employee communication (major Intel IT initiative)
  • Built web app to help engineers quickly create customer support tickets from large error report database
  • Redesigned internal IT website to improve usability

Discontinued Projects

Play 2017 code

  • Music videos with insider song facts.

Instant.fm 2011 code tech stack

  • Create and share music playlists with your friends.
  • Built in 3 months, with friend Jake Becker, as Stanford senior project.

YouTube Instant 2010 code

  • 1,000,000 visitors within 10 days of launch, and personal job offer from YouTube CEO Chad Hurley. [Read more]
  • Featured in New York Magazine, Washington Post, NY Times, San Francisco Chronicle, Mashable, Engadget, TechCrunch, Fast Company, All Things D, VentureBeat, LifeHacker, PC Magazine, etc. [Read more]
  • Built in 3 hours using YouTube API and JavaScript.

iBoard 2010 unreleased

  • iBoard was a multi-user drawing app that let people from anywhere in the world draw together in real-time.

FreeTheFlash Entertainment 2004 - 2006

  • Built when I was 14.
  • 3,000,000 page views and 600,000 unique visitors in 2006.
  • Featured 100s of user-submitted Flash animations, games, soundboards, audio, and videos.

Research

FillDisk.js — Proof of Concept Dec 2013 code

  • Demonstrated an attack that allows any website to have unlimited storage space on a visitor's computer.
  • Works in Chrome, Firefox 3.5+, Safari 4+, IE 8+.

Using the HTML5 Fullscreen API for Phishing Attacks — Proof of Concept Oct 2012 code

  • Demonstrated a phishing attack that can be performed with the W3C JavaScript fullscreen API.
  • Emulates user's current browser, OS, and screen size to convince them they are on trusted HTTPS site.

WireSheep — Original Tool Nov 2011 code

  • News Feed of activity on your local network
  • WireSheep lets you sniff packets on an open WiFi network. Instead of just stealing login cookies, like FireSheep, it lets you see traffic in realtime, like Wireshark. WireSheep shows you each user on the network and all the HTTP requests they're making.
  • Built with teammates John Heisey, Nikil Viswanathan, and Daniel Posch.

CMSploit — Original Research Nov 2011 code

  • Nearly 1% of websites built with a CMS (like WordPress or Joomla) are unknowingly exposing their DB password.
  • Temp files created by text editors may still linger after editing is finished, exposing the configuration file and database credentials to attackers.
  • I wrote a program to test for the prevalence of this issue across the whole web. I tested the top 200,000 websites and found that 0.77% of websites running a CMS have publicly-visible config files and DB passwords.

Adobe Flash Remote Webcam Exploit — Original Research Oct 2011 code

  • I discovered a vulnerability in Adobe Flash that allows any website to turn on your webcam and microphone without your knowledge or consent to spy on you.
  • It uses user interface redressing (clickjacking) to trick the user into doing a series of four clicks which remotely enables their webcam.
  • The exploit was covered on CNET, Wired.com, The Register, Ars Technica, Gizmodo, PC World, Yahoo! News, ZDNet, The Inquirer, and Computer World.

Automatic Retargeting of Webpage Content — Stanford Computer Science — Human-Computer Interaction Lab Summer 2009

  • We built an application for casual web designers to explore possible designs for their website.
  • The designer selects a site they like and they can apply it's page layout and styles to their own site.

Organizations

StartX — Innovator in Residence Sep 2012 - 2014

  • Stanford's startup accelerator program.

Stanford Association for Computing Machinery — President 2008 - 2012

High School Website Team — Lead Programmer 2006 – 2008

  • Built and maintained school website.
  • Fixed teachers' hardware and software problems for 5 hours / week.

High School Key Club — Webmaster & "Techie" 2005 – 2008

  • Helped coordinate volunteer service events for 200+ club members and produced movies/slideshows of the events.
  • Built club website (offline but mirrored; I'm keeping the site alive because of all the good memories I had in the club)

Sites I Built

I started designing websites at age 13, when I first learned HTML. Since then, I've built lots of sites, mostly for myself, but a few for organizations that I like:

AMENDS 2012

  • Stanford student initiative to help promising youth in the Middle East and United States to learn from each other, through TED style talks, and share their ideas and experiences with the world.

Hunger and Homelessness Auction 2010 - 2011 site offline

  • In 2010, we used this site to run the Stanford Charity Auction.
  • In 2011, we re-purposed it to run the Stanford Hunger and Homelessness Auction.
  • Items were donated by Stanford students, faculty, and local businesses, and auctioned off with all proceeds donated to the Stanford Opportunity Center.

Hands 4 Hope Youth 2008 - 2009

  • Youth-driven outreach organization based in my hometown.

Contact Info

Talks

Full List of Conference Talks

Available on GitHub.

WebTorrent: Bringing BitTorrent to the Web (with WebRTC and Mad Science) April 25, 2014

Talk at CraftConf in Budapest. Video:

WebRTC Demystified March 9, 2014

Talk at JSFest: Evolution of Experience in San Francisco.

WebRTC Data Black Magic Oct 19, 2013

Talk at RealtimeConf in Portland. Video:

What the Open Web Can Do for You May 24, 2013

Talk at Shift Conference in Split, Croatia.

Database Passwords Everywhere! Jan 20, 2012

Talk at Stanford ACM.

How to Start Your Company by Age 21 Feb 26, 2011

Panelist. Invited by Stanford ASES.

Going Viral on the Web Oct 29, 2010

Talk at Stanford ACM.

The Story of YouTube Instant Oct 18, 2010

Invited by Stanford ASES.

Web Security at Stanford Jan 29, 2010

Talk at Stanford ACM.

Hackathon Wins

Yahoo Hack Day — Winner May 2014

For building something related to music (unreleased, will update if released).

Yahoo Hack Day — Winner Feb 2014

For building something related to video (unreleased, will update if released).

Stanford Hackathon — 1st Place Jan 2013

For building cctv.js, a way to watch live visitors using your website.

Stanford Hackathon — 1st Place Nov 2011

For building WireSheep, a tool for spying on your network's HTTP traffic in a pretty News Feed format.

Greylock Hackfest — 2nd Place Aug 2013

For building Oculus Drone, which lets you pilot a Parrot AR Drone with the Oculus Rift virtual reality headset! Mad science!

Stanford Big Hack — 2nd Place Apr 2012

For building Fling, an easy way to send songs, videos, and links from mobile to desktop.

Awards

Google Open Source Peer Bonus Aug 2021

Awarded by Google for contributions to open source. For simple-peer.

WebRTC Pioneer Award Jun 2014

Awarded by WebRTC Conference & Expo for WebTorrent.

Founders 50 Apr 2012

Invited to Founders 50. "50 hand-selected people whom Founders Fund partners consider the best-and-brightest in the tech world"

.Net Magazine Awards — Finalist Nov 2011

Nominated for:

2010 Person of the Year Jan 2011

Awarded by Sacramento Magazine.

Math Steeplechase, 2-time winner 2005 - 2007

EDUHSD team competition. Results:

  • 1st place—2007
  • 1st place—2006
  • 3rd place—2005

In the News

TorrentFreak Dec 2015

WebTorrent Brings BitTorrent to the Web, Impresses Netflix

Huffington Post May 2015

Young and Entrepreneurial: How 24 Year Old Study Notes Founder Feross Aboukhadijeh Stumbled Upon Viral Success

InfoQ Jul 2014

Feross Aboukhadijeh on WebRTC, PeerCDN, WebTorrent

Stanford Daily Jan 2014

Yahoo purchases alumni startup, PeerCDN

TechCrunch Dec 2013

Yahoo Acquires PeerCDN As It Builds Out Its Content Strategy

Sacramento Bee Dec 2013

Tech wizard started with a $25 computer

Chris Kranky Aug 2013

Interview with PeerCDN's Feross Aboukhadijeh

Gizmodo Feb 2013

Thanks To HTML5 This Website Can Fill Your Whole Hard Drive with Cats

FOX 8 Cleveland May 2012

"Hackers Gain Access to Homes Through Webcams" This report is lol-worthy. Just sayin.

PandoDaily Mar 2012

"Top 5 Stanford CS Students You Should Know"

The PhenomList Jan 2012

"Feross Aboukhadijeh"

New York Magazine Sep 2011

"Bubble Boys"

Stanford Daily Sep 2011

"Silicon Valley Scion"

CNN (TV interview) May 2011

"Hiring Spree in Silicon Valley"

All Things Digital Apr 2011

"Instant.fm Launches Today"

Sacramento Magazine Jan 2011

"2010 People of the Year"

CNN Sep 2010

'YouTube Instant' creator, 19, finds instant fame

NBC (TV interview) Sep 2010

"Instant Success"

Other things I built

Netflix and Kill code

Game entry into the Ludum Dare game contest

MD5-Password-Cracker.js

Crack MD5 passwords with JavaScript Web Workers

Windows XP Emulator code

Windows XP in the browser :)

Brain Grinder code

Foreign language flashcards, with pronunciation.

SuperTranslate code

Hear a word pronounced in every language.

Emu Spin code

LSD and emus. :)

Languages

Arabic

Intermediate, studied 2 years at Stanford.

Spanish

Intermediate, studied 4 years in high school.

Running Records

  • 1600m (1 mile) — 4:22
  • 3200m — 9:43
  • 5K — 16:19
  • 10K — 43:12
  • Half Marathon — 1:44:54
  • Marathon — 4:05:31