blue/purple teaming, reverse engineering, ethical hacking, malware, python, IDA Pro, radare2, yara, SQL, rules, Java
- Detection and prevention rules writer/maintainer for both cloud and endpoint (all platforms).
- Reversing/detonating malware and threat emulation for writing/testing defense rules.
- Architect on next gen rules platform team. Designed, prototyped, and implemented new rules framework.
- Advanced research and cross team collaboration for new product functionality/patents.
- Managed the Microsoft Active Protections Program (MAPP) participation and was the vulnerability evaluator for 4 years.
- Various digital engagement activities, including blogs, threat bulletins, webinars, and presentations.
malware, metasploit, Win DDK, VMWare, Windbg, Ollydbg, kernel/internals, OS X, iOS, ethical hacking
- Member of the Cyber and R&D teams. Worked on the APT/EDR aspects of their DLP endpoint software.
- Enhanced product to detect advanced malware techniques - Process Hollowing, Reflective Injection, use of App_Init for injection.
- Added support to process injection framework to handle packed binaries.
- New features and further development/support of hooking and injection subsystems.
- BlackHat 2014 - wrote iPhone software booth demo. Simulated malicious email image taking over phone. Utilized Cydia Substrate.
- BlackHat 2015 - wrote code for sponsored session "Can DLP Thwart Malware Attacks". Code added to existing product to detect and block in-memory ransomware.
Win DDK, kernel/internals, OS X, FUSE, embedded Linux, distributed file system, wireshark, Qt, Python
- Maintenance coding/bug fixes for ISIS kernel file system driver and related software on OS X and Windows.
- Implemented a system for creating, installing, and deploying system recovery images. Written in Qt.
- Designed and implemented the embedded Linux platform for the ISIS 2000 product including distribution, installation/upgrade/recovery system, root filesystem generation, bootloader, and fs redundancy strategy.
- Co-designed and implemented a Linux version of the ISIS file system driver using FUSE on RHEL 6.
Linux, OS X, kernel, iSCSI, Win DDK, filter driver, wxWidgets, Windows 7
- Designed and implemented a product to allow access to the Terrablock storage product over iSCSI. Heavily modified the OSS iSCSI Enterprise Target Linux software package both at the user and kernel level.
- Re-designed and re-implemented their existing file migration tool used for bulk movement of files/projects.
- Ported client app to Linux using wxWidgets and consolidated all supported platforms into one project.
- Wrote applications to remount read-only volumes and resize Apple Partition Map partitions on OS X.
- Wrote an application to hook and inject code into arbitrary application binary functions on Windows.
Embedded Linux, C++, Fedora, Qt, Modbus, motion control, Serial RS-232, XML-RPC
- Wrote diagnostic code for MODBUS based Galil controller over Ethernet doing analog/digital I/O.
- Wrote diagnostic code for serial RS-232 based Mforce motion controller.
- Worked on Qt based diagnostics interface. Also implemented all QtScript based diagnostic code.
- In house Linux expert for 10 DOS/Windows programmers transitioning into project.
Debian, embedded, busybox, u-boot, IPSEC, kernel device driver, scratchbox, ARM 920t, Serial RS-485
- Ported 2.6.16 kernel and u-boot to custom AT91 SoC based board used for security and automation systems.
- Wrote a Linux kernel driver to handle serial RS-485 communications utilizing on chip DMA for on board USARTs.
- Implemented use of Debian and Scratchbox/qemu for cross compilation and debugging infrastructure for ARM9 and x86 hosts.
- Was in house Linux expert to large group of RTOS developers in US and Sweden.
- Wrote applications to test protocol encryption performance under load on embedded ARM board using IPSEC.
Windows, kernel, DDK, hooking, rootkits, security, IDS/IPS, Linux, Snort, Debian, VMWare
- Ported driver portion of existing Cylant Secure HIDS product to Windows XP from Windows 2000. Driver hooked kernel calls and monitored for rootkits/malware in real time.
- Added features and bug fixes to Reflex Security's Snort based intrusion prevention product on Debian Linux.
- Implemented development and QA use of VMWare for sandboxing/detonating different rootkits/malware.
Reverse engineering, IDA PRO, VMWare, Linux, python, wxWindows, serial RS-232, DAQ
- Removed need for dongle in abandoned application by reverse engineering and binary patching DLL.
- Wrote an application using wxWindows to interface with a custom data acquisition system. Application communicated over serial RS-232 and displayed visual representations of probes, encoders, and other indicators.
FreeBSD, OS X, HW interfacing, python, wxPython
- Wrote an application to monitor and interface with robotic tape archive machine using wxPython.
Montavista Linux, BSP, embedded, RTOS, kernel device driver, PowerPC 440GX, u-boot, UML, I2C, pthreads
- Wrote a Linux kernel driver for Siemens' MRC FPGA for monitoring boards' health status, also wrote related APIs and diagnostics.
- Wrote a Linux I2C kernel driver to interface with GPIO circuitry, also wrote related diagnostics.
- Wrote a Linux kernel driver and API for Siemens' ARC chip which handled card redundancy/failover.
- Worked on the port of the u-boot bootloader to Siemens' next generation ATCA hardware platform. Work involved bringing CPU up, POST tests, debugging HW issues, networking/PHYs init, chip select init, startup scripts, diagnostic utilities, building file system images, GPL issues, and customization for Siemens.
- Debugged many kernel level bugs with UML in the Montavista PRO kernel. All fixes submitted to Montavista.
- Set up a simulation environment of Siemens' hiG Media Gateway carrier grade products using User Mode Linux.
- Debugged and fixed the VxWorks to Linux emulation library (v2linux) including many threading issues.
- Added features to Siemens' Clock Control FPGA kernel driver.
- Was in house Linux expert to 40+ VxWorks developers.
Mac OS X, kernel, wxWindows, Xcode, SCSI, Linux, file systems, IOMeter, performance
- Wrote an application and library for OS X to communicate with Facilis' Terrablock device driver.
- Wrote an application using wxWindows to migrate and import clients' media from other storage systems.
- Added features to their Terrablock software on multiple platforms including Mac OS 9, OS X, and Windows.
- Created a custom bootable Linux recovery CD to restore entire system in the event of system failure.
- Added support for very precise timing and other features to the file system benchmark program IOMeter.
- Wrote a Windows application to generate very consistent file system loads. Application was made into a larger testing/benchmarking framework for Facilis' storage products.
NetBSD, Linux, embedded system, kernel device drivers, UNIX, kgdb, MIPS, SATA, python
- Coded new features for their iSCSI peer-storage array product. Work involved kernel device drivers for NetBSD running on MIPS (sibyte) and x86 including user/kernel coding, cross compiling, and kernel debugging.
- Designed solution and wrote kernel code to detect and fix specific hard drive issues dynamically (*NDA).
- Debugged and fixed kernel panics and related bugs in pre-existing kernel code using kgdb.
- Wrote an application that could induce specific hard drive errors under very high load (*NDA).
- Designed and implemented a system to fully automate drive qualification using 'C' apps, scripts, and Apache.
- Wrote various applications to search for arbitrary byte patterns on raw disks, monitor SMART data, and more.
- Maintained and added new features to an application that searched for bad blocks on a drive and repaired them if possible. Program also monitored throughput and variance data for the drives.
- Wrote an application to exercise raw disks simulating a mail server and pseudo file system.
QNX 4.25/6.X, RTOS, Linux, DAQ, A/D boards, Digital I/O, Port I/O, DMA, Serial 232, ncurses
- Coded new features and maintained their metrology software which interfaced with various hardware (LVDT, encoders, motors) to compute the roundness and straightness of precision parts for commercial jets.
- Re-designed and implemented their entire system to work with custom ISA data acquisition boards.
- Wrote software (ncurses app and Linux kernel module) to test their proprietary data acquisition boards.
Qt, MFC, Winsock, FTP protocol, XML, SQL, VB, WMI, threads, VC++/NET, C#, COM/DCOM
- Designed and wrote an FTP server and client following RFC. Requirements were high performance, threaded sessions, 64 bit REST, encryption, and site specific commands for control.
- Added many new features and maintained their VMG broadcast archiving/storage product.
- Designed and wrote an application to gather information about a system's configuration and verify the machine's state using Qt and XML. Machines could be queried over a network allowing central verification.
- Wrote an application to interface with Adrienne time code boards using C# and .NET.
Linux/OS X/Windows/Solaris Kernel, OS Internals, Windbg, File Systems, SCSI, protocol, Perl, Python
- Designed, wrote, and maintained Linux kernel file system driver (VFS) and associated device drivers.
- Wrote a kernel file system driver and associated device drivers for Solaris 8.0 (SPARC and x86).
- Wrote kernel device drivers, a file system driver (VFS), and related user-mode tools for Macintosh OS X.
- Wrote a Linux driver and daemon that allowed file system to work over Ethernet while waiting for Fibre driver.
- Designed and implemented a reliable protocol on top of UDP used for messaging that required running on multiple platforms and in varying environments, including soft real-time, low memory, and kernel/user mode.
- Modified SCSI layer on Linux to support SCSI processor device exposed by Emulex Fibre channel card.
- Wrote a Linux library to get SCSI drive info and other information via SCSI pass-thru.
- Designed and created an embedded Linux distribution for network based filesystem product platform.
- Maintenance coding/bug fixes including many BSODs for kernel file system driver on Windows.
- Wrote a Windows kernel driver to probe PCI bus for configuration info used by system profile application.
- Designed and wrote a generic, extensible, and distributed testing framework in Python used for smoke testing multiple machines over a network using pyro. Used by SQA department for testing many of Avid's products.
- Maintenance coding and test harness for the Unity Windows Network Provider DLL.
- Implemented redundant servers support for NT product using sockets, Inet Helper API, and MFC.
- Reverse engineered the 3Ware IDE RAID/SAN JBOD user mode/kernel mode protocol for use in Avid products.
- Implemented build process (ksh), testing procedures (Driver Verifier), and installer (Installshield) for products.
- Wrote a test harness and related programs for the Windows API and WNet API.
2K/NT DDK, Kernel, Port I/O, Serial 232/422-USB, Java, MFC, Perl, RPC, Obj Grid, PVCS, Installshield
- (+9/02) Wrote a Windows kernel driver to access IO boards over parallel ports. Also install and config utilities.
- Implemented many major subsystems for semiconductor dispensing machine (low-level and GUI components) including temperature controllers, weight scales, conveyor, digital I/O, motion control.
- Wrote an NT Virtual Device Driver to run DOS based GFX product on Windows NT.
- Wrote a configuration/installation utility to burn firmware for Galil motion cards using port I/O.
- Co-designed and implemented protocol for communicating with RS-485 boards on older machines from Windows NT.
- Created and maintained Installshield installations for both Windows NT products (XYFlex and Matrixx).
- Configuration management and build admin using PVCS, Configuration Builder, Perl, and cygwin.
MFC, COM, STL, Objective Grid-Toolkit, BoundsChecker, ClearCase, OpenGL, DirectX, cygwin
- (+11/99-4/00) Provided new features, bug fixes, and an installer for their Ritap product.
- Redesigned and rewrote COMIG, a mechanical design package for turbomachinery. Also added many new features.
- Wrote a C++ class library (MFC extension DLL) wrapping the charting library used by all NREC products.
NT DDK, kernel drivers, Port I/O, 8051, MFC, Borland C++, BoundsChecker, IoWorks, Fastgraph
- Windows kernel driver and related code for interfacing/data acquisition with synchro cards and other hardware.
- Wrote Windows service to interface with Raytheon and Navy computers. The service read signals (RS-422, synchro, NTDS, and Ethernet) converting them to NEMA strings and sending to Raytheon's equipment, and driving other hardware. Signals received also sent to GUI applications with controls simulating their analog counterparts.
- Wrote Henschel's Alarm Activation Panel used on Navy vessels. Talked over the parallel port using port I/O.
- Maintained embedded throttle control project running on 8051 microcontroller.
- Wrote dimmer application and protocol that controlled a custom PC-104 card for Windows NT.
- Designed and built security/battery watchdog circuitry for PCCU flat panel display/embedded PC.
- Wrote a program to detect lights in building turning on/off via photodiode circuit over parallel port.