Summary
Experience
Senior Reverse EngineerMandiant (Google Cloud)
- Led analysis efforts on over 50 advanced persistent threat (APT) campaigns, uncovering novel evasion techniques and improving detection rates by 25%.
- Developed and maintained custom IDA Pro and Ghidra scripts, boosting binary analysis efficiency by 40% for the team.
- Performed in-depth vulnerability research on critical software components, leading to the discovery of 3 zero-day vulnerabilities in widely used enterprise applications.
Reverse EngineerIntel Corporation
- Conducted static and dynamic analysis of firmware and drivers, identifying and mitigating 15+ critical security weaknesses in pre-release products.
- Developed automated tools in Python to extract indicators of compromise (IOCs) from malware samples, reducing manual analysis time by 30 hours per week.
- Collaborated with threat intelligence teams to reverse engineer complex malware families, providing actionable insights for incident response that led to a 15% reduction in successful intrusions.
Projects
Malware Sandbox Evasion Toolkit
- Developed a suite of open-source tools in Python to analyze and demonstrate common sandbox evasion techniques used by malware.
- Implemented methods for detecting virtualized environments and delaying execution, contributing to better understanding of evasive samples.
- Gained over 1,500 GitHub stars and 500 forks, indicating significant community interest and utility for security researchers.
ARM64 Binary Patcher
- Created a custom C++ utility for patching ARM64 binaries for security research purposes, enabling dynamic modification of instruction flows.
- Achieved a 95% success rate in modifying targeted functions without corrupting executable integrity.
- Improved personal research workflow by automating repetitive binary modification tasks for embedded systems.
Rootkit Detection Framework
- Designed and implemented a kernel-mode driver (Windows) and LKM (Linux) for detecting known and unknown rootkit behaviors.
- Utilized API hooking and integrity checks to identify stealthy malicious activity with a 90% detection rate in test environments.
- Published findings in a personal blog series, receiving positive feedback from the security community.
Education
Carnegie Mellon UniversityMaster of Science in Computer Science
- GPA: 3.9/4.0, specializing in Software Security and Binary Analysis.
- Thesis: "Automated Binary Analysis for Obfuscated Malware Detection in Enterprise Networks."
- Awarded Graduate Fellowship for outstanding academic achievement and research potential.
University of California, BerkeleyBachelor of Science in Computer Engineering
- Magna Cum Laude, Dean's List all semesters for academic excellence.
- Coursework focused on operating systems, computer architecture, and cryptography.
- Developed a secure bootloader prototype for embedded systems as a capstone project.
Skills
Reverse Engineering Tools
IDA ProGhidrax64dbgWinDbgOllyDbgRadare2
Programming & Scripting
CC++PythonAssembly (x86, ARM64)GoPowerShell
Operating Systems
Windows (Kernel/User-mode)Linux (Kernel/User-mode)macOSAndroid (ART/Dalvik)iOS
Malware Analysis
Static AnalysisDynamic AnalysisDeobfuscationExploit AnalysisSandbox EvasionMemory Forensics
Vulnerability Research
FuzzingExploit DevelopmentRoot Cause AnalysisHeap/Stack OverflowsROP/JOPKernel Exploitation