Nico Kokonas

About Me

Hi, I'm Nico, a backend developer based in Irvine, California, originally from San Luis Obispo. For over a decade, my focus has been web scraping, distributed systems, and reverse-engineering the protection mechanisms of companies like Akamai and Cloudflare. Most of my career has been spent on technical problems that look impossible at first glance and building the infrastructure to solve them reliably at scale (with some growing pains).

I founded MINDWISE.IO in 2016, when digital card fraud was near its peak -- breaches every other month, millions of stolen cards flooding the market. The business was aimed at banks, but banks, it turns out, are not interested in individual fraud prevention solutions. They carry insurance, they move at a glacial pace, and they do not integrate new technology willingly. Two lessons came out of this:

  • Ideas are useless without execution. You need both.
  • You need to validate your market through actual A/B testing, not through intuition or hand-waving.

We were ultimately overshadowed by Recorded Future, who operated on similar principles but launched ahead of us. Their trajectory is instructive:

  • They initially focused on presentation over substance -- making their product look impressive even before delivering substantial value
  • This polished appearance attracted significant investment
  • With funding secured, they eventually built a product that delivered genuine value

The lesson: you need to sell the vision before you can fully build it. The line between strategic positioning (Recorded Future) and outright fraud (Theranos) is the intent and ability to actually deliver.

My interest in this work started early, in digital communities that were more concerned with hacking and exploitation than with making the world a better place. They operated as a kind of meritocracy, rewarding technical skill above all else -- but the real-world impact of those activities proved far more harmful than my younger self anticipated. Call it naivety or willful ignorance, but I failed to fully grasp the consequences at the time.

That experience -- seeing how the digital underworld operates, followed by genuine regret for any participation -- is what drove me toward building defenses against exploitation. Having seen these tactics from the inside, I now channel that knowledge into legitimate purposes:

  • Extracting data from heavily protected platforms (legally and ethically)
  • Building resilient distributed systems that can withstand attacks
  • Circumventing anti-automation measures for legitimate business needs

That arc -- from breaking systems to defending them -- is the core of my professional evolution.

My Technical Philosophy

Good engineering starts with understanding the "why" -- not just what needs to be built, but why it should be built a specific way. I'm a fan of the Unix philosophy: code should be readable, maintainable, and composed of small parts that do one thing well. Disclaimer: I regularly fail at this with personal projects, but I hold the line at work.

On AI: I don't believe in "vibe coding" -- the practice of writing code without truly understanding how it works. In a real, functional engineering organization, this approach is dangerous. Here's why:

  • Systems lack self-knowledge: The code we write cannot explain itself or understand its own operation
  • Knowledge transfer is crucial: When engineers don't understand their systems, institutional knowledge evaporates
  • Real consequences await: Without deep understanding, we risk catastrophic failures -- planes falling from the sky, critical infrastructure collapsing -- with no one able to diagnose or fix the problems

AI is here to stay, but it's our responsibility to use it as a tool, not a crutch. We must maintain our understanding of the systems we build, even as AI assists in building them.

Beyond Engineering

My interests extend well beyond technology:

  • Literature, philosophy, and history -- my intellectual passions and probably where I have the most natural talent.
  • Computer science and mathematics -- my professional foundations.
  • Medicine -- In my younger years, I vacillated between medicine and computer science. With medical devices, I see an opportunity for a marriage of the two that can materially improve people's lives.

I pursue these through self-directed study, long-form writing, and by building prototypes that connect ideas back to real systems. Professionally, I'm drawn to projects where the technical problem is genuinely hard and the outcome matters -- helping businesses access data they need to make informed decisions, enabling researchers to gather insights at scale, or building systems that democratize access to information.

Technical Achievements

I've reverse-engineered and automated against some of the most sophisticated anti-bot systems in the industry:

  • Ticketmaster -- Revitalized Automatiq's ticket inventory management backend, breaking/fooling their anti-automation measures to access accounts at scale (millions of accounts)
  • Vivid Seats -- Automated high-volume ticket acquisitions despite robust anti-automation measures
  • SeatGeek -- Circumvented their bot detection for large-scale operations
  • Nike -- Defeated their infamous anti-bot systems for limited release purchases
  • Walmart -- Automated inventory monitoring and purchasing at scale
  • Kohl's -- Bypassed their shields for price monitoring at scale
  • Amazon -- Ran persistent automation against their detection mechanisms for both price tracking and account data extraction
  • Citibank -- Automated extraction of user data at scale and with their consent. Automated submission and fulfillment of price protection claims for items whose prices changed within the past month
  • Crypto marketplaces -- Multiple platforms (unable to name due to confidentiality agreements)
  • Dark web marketplaces -- Comprehensive experience across the entire ecosystem, extraction of huge amounts of data pipelined into BigQuery for analysis

Work Experience

Senior Software Engineer -- MedTechWare

January 2026 - Present

Part of a lean team of engineers, serving major names in the field and acting as a general consultant for all things medical devices and the complex blend of regulation, security, software, and hardware they entail. Bonus points for improving people's lives.

Independent Research & Applied Security

2025 - January 2026 -- Self-Directed Study

Operated passive distributed scraping infrastructure for clients (remote). In person, vibrated principally with organizations dedicated to the promulgation of free and open-source software, such as the techno-populist Futo.

Scraping Engineer -- Automatiq

July 2021 - June 2024

Took a small static set of EC2 instances running legacy code and transformed them into a distributed scraping system processing 10M+ tickets daily (on Fargate). Crafted workarounds to bypass Ticketmaster's countermeasures, such as a method to deliver tickets to a buyer without them ever leaving the seller's account (transferless). Built a serverless API to process Apple Wallet tickets and produce PDFs. Segmented each provider into its own queue, enabling autoscaling and significantly reducing time-to-resolution for customers.

Co-Founder & CTO -- MINDWISE

August 2017 - June 2021

Built a real-time threat intelligence platform for financial institutions. With a team of two, engineered a continuous monitoring system that identified cardholders whose information was being sold, matching on partial data via an integration with LexisNexis. Partnered with the U.S. Postal Service Cybercrime Unit to triangulate sources of illicit material on the darknet.

Co-Founder -- Track4

January 2017 - June 2017

Co-founded threat intelligence company serving First National Bank of Nova Scotia. Built automated surveillance systems for criminal marketplaces trading stolen payment cards.

Master Data Engineer -- Gaine Solutions, Inc.

January 2016 - August 2016

Helped build the Sanator Provider Registry, California's mandated healthcare provider directory. Became proficient in SQL and working under regulatory requirements (HIPAA).

Offensive Cyber Security Engineer -- Azorian Cyber Security

April 2015 - September 2015

Executed penetration testing and vulnerability assessments. Recovered stolen assets for corporate clients (hacking back). Engineered custom Red Team tools in Python and .NET to support our internal operations.

Spacecraft Engineering Intern -- Stellar Exploration @ NASA Ames

May 2014 - August 2014

Contributed to satellite development on the NASA Ames campus. Designed a Uniform Light Source for lens calibration. Provided cross-functional engineering support for spacecraft operations.

Education

B.S. in Computer Science

2022 - 2024 -- Utah Tech University

Completed B.S. in Computer Science in two years while maintaining full-time employment as a software engineer at Automatiq. Relevant coursework:

  • Computer Architecture
  • Operating Systems
  • Computer Security
  • Advanced Algorithms
  • Network Security
  • Computer Graphics

Computer Science (60 Credits)

2014 - 2019 -- University of California, Los Angeles

Completed 60 credits towards B.S. in Computer Science. Relevant coursework: Object-Oriented Programming, Computer Networks, Computer Vision, and Machine Learning.

High School Diploma

2012 - 2016 -- Mission College Prep

Received MIT's Promise of the Future Award in 9th grade (2012). Early focus on mathematics and computer science. Started programming at age 14 and began first professional work during this period.

Certifications & Licenses

  • Licensed General Class Amateur Radio Operator -- Callsign KK6GDI
  • Google Cloud Certified Solutions Architect (2024)
  • CompTIA Security+ (2025)
  • CompTIA Network+ (2019)
  • CompTIA A+ (2015)

Awards & Recognition

  • 1st Place in Instructables Explore Science Contest (2015) -- High Altitude Scientific Research Balloon Project (link)
  • MIT's Promise of the Future Award (2012) -- Mission College Prep, 9th Grade

Testimonials

"Building our company from the ground up with Nico was a transformative experience. His leadership, ability to organize complex processes, and expertise in architecting resilient distributed systems were instrumental in meeting our clients' needs and scaling our operations. Nico's technical depth is matched by his vision and reliability as a co-founder."

-- Emilio Pagan-Yourno, CEO/COO at Unbank

"Nico is the rare combination of technical expertise and business acumen. His ability to architect scalable systems and his deep understanding of the dark web make him a valuable asset to any project. He's not just a developer who knows a lot about a little - he's a versatile problem solver who can deliver."

-- Tobin Shea, CEO at MINDWISE.IO

Freelance FAQ

Services & Expertise

What services do you offer?

Web scraping, data extraction, and distributed systems at scale -- including reverse-engineering JavaScript protection mechanisms, bypassing anti-automation measures, and building the pipelines that process the results. Beyond scraping, I have broad backend experience across Node/Typescript, Go, Python, C#, Postgres, SQL Server, and more. I gravitate toward novel problems.

What is your development process like?

The Unix philosophy -- small, composable tools that do one thing well -- shapes how I approach most problems. Security and reliability are non-negotiable; adaptability to change is a close third. In practice, the tempo depends on the project: some environments call for rapid iteration and quick feedback loops, others demand surgical precision where every change is deliberate. I calibrate accordingly.

What kind of companies do you work with?

The range has been wide: financial institutions, ticketing platforms, medical device companies, healthcare data firms, lean startups, and more. What ties them together is usually a hard technical problem -- whether that's navigating regulatory constraints, defeating sophisticated anti-bot measures, or building infrastructure that has to stay up. I'm drawn to the variety; each domain brings its own set of constraints and trade-offs, and that keeps the work interesting.

Pricing & Timelines

How much does a project typically cost?

Depends on the project. For scraping/automation at scale against well-resourced companies, it can be difficult to project a cost until exploratory work is done and complexity is better understood. For simpler, one-off projects, I can usually give a ballpark estimate within a few hours of discussion.

What are your payment terms?

Payment can be handled in a number of ways; discuss over Signal. I charge by the hour and don't invoice unless I've delivered. Flat fees are not a good fit for scraping/automation projects, given the uncertainty and the need to adapt to changes on the target site.

How long does a typical project take?

Timelines depend on scope and complexity. Smaller projects might take 3-4 weeks, while larger ones can range from 2 to 4 months. I provide a detailed timeline estimate after the initial discovery phase.

Do you offer retainers or ongoing support?

Yes, for clients needing ongoing design support, feature development, or maintenance, I offer monthly retainer options tailored to specific needs. For small (i.e. individual) clients, I generally don't charge for ongoing support/advice, only for new work.

About Me

What do you enjoy most about your work?

It boils down to the scientific method: observe the phenomenon, hypothesize a cause, test it, iterate. Over time you develop an intuition for what to try first and how to test it efficiently. That feedback loop -- especially against a well-defended target -- never gets old.

What are your interests outside of work?

Strategy games -- chess and go. Tinkering with RF hardware (licensed General Class amateur radio operator, callsign KK6GDI). Contributing back to the open-source software community that gave me so much. Amateur student of sociology, history, political economy, and English literature. A previous user of Goodreads who refuses to patronize the platform; my reading habits can now be tracked on a federated alternative, BookWyrm.