About me

I am a software developer who enjoys operating system internals, kernel development, and reverse engineering, with a focus on building teams that want to solve real security problems.

I specialize in offensive and defensive endpoint development for Windows and macOS. I am currently at FireEye through the Mandiant acquisition.

Public Presentations and Training

Black Hat Malware Analysis Training

Black Hat Advanced Malware Analysis Training

Public Projects

Monitor.app - Real-time kernel extension for macOS endpoints

Mac Memoryze - Memory Imaging and Analysis for macOS

ApateDNS - Fake DNS provider for malware analysis

Pywintrace - ETW producer for Windows written in pure Python

Crescendo - App and framework to easily view real-time events on macOS