I am a software developer that enjoys operating system internals, kernel development, and reverse engineering with a focus on building teams that want to solve real security problems.
I specialize in offensive and defensive endpoint development for Windows and macOS. I am currently at FireEye through the Mandiant acquisition.
Public Presentations and Training
Black Hat Malware Analysis Training
Black Hat Advanced Malware Analysis Training
Monitor.app - Real time kernel extension for macOS endpoints
Mac Memoryze - Memory Imaging and Analysis for macOS
ApateDNS - Fake DNS provider for malware analysis
Pywintrace - ETW producer for Windows written in pure Python
Crescendo - App and framework to easily view real time events on macOS