Experience + certifications + courses:
My main areas of expertise are:
- Malware development for Red Teams, including Windows Kernel Rootkits, as well as bypassing EDRs
- Reverse Engineering: WinDbg, IDA, x64dbg
- Exploit development: bug hunting with WinDbg+IDA and writing remote exploits using python3
- Red Team: cloud infrastructure setup and automation and payload development in C#/C++/C

I've successfully gone through:
- Offensive Security Exploit Developer - OSED
- eLearnSecurity Certified Reverse Engineer - eCRE
- CREST CRT
- eLearnSecurity Web Application Penetration Testing Extreme - eWPTX/WAPTX
- SecurityTube Linux Assembly (x64) Expert - SLAE64
- Offensive Security Certified Professional - OSCP
- Offensive Security Wireless Professional - OSWP
- ISC2 Associate CISSP (do reach out for verification, please)
- Completed training at BlackHat USA 2018 on Fuzzing for Vulnerabilities with Huntress Labs's Chris Bisnett and Kyle Hanslovan
- Completed training at OffensiveCon 2019 (Berlin/Germany) on Windows Kernel Rootkits with Bruce Dang
- Completed training at OffensiveCon 2023 (Berlin/Germany) on Hypervisor Development for Security Researchers with Satoshi Tanda

Red Team experience:
- Automation of Red Team infrastructure (C2, proxies)
- Automation of payload generation using CI/CD pipeline (Jenkins, Git, artifacts, etc.)
- MITRE ATT&CK Matrix
- EDR bypass through static and dynamic evasion techniques, as well as multiple process migration techniques to drop the initial payload
- Tool development (including Windows kernel rootkits)

Penetration Tester experience:
- Deep familiarity with Windows Domains, including tools such as Mimikatz, Mimidrv, Mimilib, Sysinternals (psexec, sysmon, procexec, winobj, etc.), Rubeus, etc.
- MSSQL interaction through C# to test for Kerberos authentication, possible escalation, code execution, and impersonation
- XSS, SQLi, CSRF, Indirect object references, LFI, RFI, file uploads, and other webapp testing while mostly using Burp Suite Pro
- Scanning (nmap, Nessus), Metasploit, exploit alteration for specific uses, and other infrastructure testing consistent with OSCP training
- Creating internal tools using a variety of languages: Python, C, BASH script, x64 assembly
- WEP detection and cracking, WPA/WPA2 bruteforcing, WPA-Enterprise MitM attacks using patched FreeRADIUS server and other wireless testing
- Vast experience in reporting and dealing with clients in consulting.