Computer and network defense is my passion. I've spent most of the last decade studying and working in information security, including work in development, strategic cyber threat analysis, and data security operations. I have both formal education / certification (see below), and real-world experience. I am based in the US (timezone UTC-6/-5). I speak and write English fluently.
My expertise lies mainly in incident response and in reverse engineering / malware analysis. This means I can go in nearly blind and still quickly determine the source of an intrusion and how to fix the vulnerability. I can analyze a malicious artifact to determine its purpose. I can apply my strategic experience to assess future threats, and I document everything in a well-written report.
This is my normal work cycle for incident response clients:
- get access information and begin investigating the server
- perform triage / rapid removal of malicious and compromised files
- keep track of all actions performed, and conduct live chat to inform clients of my progress (timezone permitting)
- submit a complete final report with all investigation details, actions taken, future threat assessment, and remediation recommendations
- work with clients to keep monitoring for future hack attempts for the coming weeks and if possible, find/patch the vulnerability that allows the hack
I will not accept payment if I can't finish a job to a client's satisfaction. I check on clients again at one and three weeks to make sure everything is still fine. My passion is for fighting malware and cyber criminals, not for taking money for quick and temporary solutions to a problem. I have never failed to complete an incident response project.
I have successfully eradicated malware and secured the following platforms:
- Cre Loaded
- custom content management systems
I can work with the following languages:
- C / C++ / C#
- IA32 assembly
- shell scripting languages