Experiences
- Worked on a multi-disciplinary team comprised of software engineers, artificial intelligence researchers, and cybersecurity engineers on continued development of an episodic network emulation tool.
- Primary work consisted of designing and implementing a secure network for remote login to allow researchers to work from home during COVID-19.
- During the development of the secure network I also created a few Ansible playbooks to help automate the process of creating users across all the boxes in the network.
- Additional work consisted of creating a user-friendly web application to generate network and host configuration files that dictates Galaxy how to create its images.
- Attended classes covering the fundamentals of malware analysis including static and dynamic analysis, Windows fundamentals, common malware persistence mechanisms, x86 Assembly, anti-reverse engineering techniques, malicious office documents, PDFs, and JavaScript.
- Attended classes discussing memory forensics fundamentals for primarily Windows systems and used memory analysis tools such as Volatility and the Pmem suite.
- Attended classes focused on network archeology and learned techniques to decode custom protocols captured during packet analysis, to recognize encrypted traffic.
- Participated in a mock incident as a responder. I analyzed PCAPs, disk images, and memory dumps for indicators of compromise. I reversed engineered malware samples and identified artifacts that could be used to determine if other computers had been compromised.
- Developed an efficient and accurate supervised machine learning pipeline to automatically reverse engineer information from frames transmitted over controller area networks.
- Created an extension of the ACTT framework that used heuristics to classify signal categories on controller area networks.
- Used a test-driven development software process to ensure risk-free code with all-encompassing test routines.
- Gave a presentation at the 2019 Summer Student Convivium discussing the progress I made on the ACTT project during my time as an intern.
- Co-authored a research paper on the ACTT algorithm which is currently under review.
- Judas
- Developed a framework for backdooring 32-bit PE files for a class taught by Dr. Drew Springall.
- Injects either a “pop-up” message or a reverse shell but can easily be configured to take in arbitrary shellcode.
- Bypasses modern countermeasures such as address space layout randomization and data execution prevention.
- PythonIDS
- Developed an intrusion detection system using Python along with 3 other students for a class taught by Jason Cuneo.
- Detects the following attacks: NMAP SYN, ACK, and XMAS scans, Ettercap’s ARP poisoning, Metasploit’s ms17_010 psexec, and Responder’s LLMNR and NBT-NS spoofing.
- Uses Python’s multiprocessing module to increase the scan’s performance
- Performed open-source intelligence research on integrated missile defense systems used by the United States Army.
- Attended design meetings to build a low power and visibility reconnaissance pod with mesh network capabilities.
- Performed open-source intelligence research on friendly tracking networks and attempted to find weak points in the existing infrastructure.
- Developer
- Programmed heavily in Python, SQL, JSP/Bootstrap, and occasionally JavaScript while utilizing a proprietary SDLC that was very similar to Agile.
- Participated in various design meetings to gather requirements for multiple projects on Rheem’s web-based quality management system, Reliance, and developed code for said projects.
- Rebuilt the Production Part Approval Process (PPAP) application by streamlining the user interface, enhancing user experience while also drastically bringing down the run time and code complexity for reports for this application.
- Developed a process, that had never been used before at Rheem, to convert old PPAP data into a new form.
- Developed a script that leveraged multiple SQL queries to generate a monthly summary of supplier metrics which resulted in a 78% decrease in time to compile ratings.
- Developed a software system that allowed several users to collaboratively edit and approve Service Note documents which prevented said documents from getting lost and allowed all parties to provide input.
- Streamlined a manual contract management process and provided visibility of contract approval timelines and expiration dates.
- Reliance System Administrator
- Helped users with system-related issues.
- Conducted form and application training for cross-functional teams.
- Authorized user access to specific parts of Reliance depending on their specific clearances.
- Participated in multiple Capture the Flag competitions run by various companies and universities.
- Taught lectures on binary reverse engineering and binary exploitation.
- AUCTF19
- One of two club members hosting the event.
- Created challenges for the cryptography, forensics, password cracking, reverse engineering, binary exploitation, and password cracking categories.
- AUEHC’s first private CTF.
- 20 participants with 57 challenges.
- Acquired funding for the top five students to attend DEFCON 27 free of charge.
- AUBURNHACK’s 2020s mini-CTF
- One of five club members hosting the event.
- Created challenges for the reverse engineering and binary exploitation categories.
- 60 participants with 37 challenges
- Cyber Fire Puzzles
- Worked with Auburn University / Los Alamos National Laboratory Security Sciences Institute to host the event.
- 45 participants.
- AUCTF20
- One of seven club members hosting the event.
- Created challenges for the reverse engineering and binary exploitation categories.
- Worked with Auburn University to ensure that the CTF was publicly accessible and secure.
- AUEHC’s first public CTF.
- Almost 3000 participants with 81 challenges.
- Acquired $300 for each of the top three students.