Resume

Developed a kernel mode anti-cheat with cheat detection measures similar to those found in the most popular anti-cheats on the market (Battle-Eye, Easy Anti-Cheat). Although it never made it to the market, it taught me extremely valuable information about the windows OS, cyber security and reverse engineering.

Protections included:
• Scanning for vulnerable drivers present and previously unloaded.
• Signature scanning the full memory of the system for malicious code signatures/strings.
• Detecting rouge system threads executing unsigned kernel shellcode using multiple methods including bruteforcing the PspCidTable entries, monitoring the KPRCBs, using NMIs and IPIs then subsequently stack walking the thread's call stack and analyzing the validity of the current IP.
• Stripping read/write access from handles opened in usermode to a protected process.
• Detecting DKOM attempts on opaque kernel structures such as the PspCidTable, EPROCESS->ActiveProcessLinks and EPROCESS->ThreadListHead in attempts to hide a process or thread.
• Detecting process-specific kernel patches/rogue allocations achieved through modifying a process's upper 256 PML4E values, redirecting the MmPfnDatabase entries then nulling the original entries in the kernel DTB.
• Detecting blatant .text patches in a protected process by comparing the loaded bytes in memory vs the valid, signed binary on disk.
• Using multiple hooking techniques to take control of context swaps (ntoskrnl->SwapContext without triggering PG) in order to protect a specific virtual address range from non-whitelisted threads accessing it.
• Setup usermode traps on protected variables to detect outside modifications.
• Setup a kernel-mode rendering and input system without calling win32gdi functions.
• Constantly evolved an exploit to bypass all of these protections to help simulate the never-ending cat and mouse game of cheaters vs anti-cheats.

• While mostly working alone, I developed, tested and deployed C#/ASP applications used throughout nearly every step of the manufacturing process including purchasing, receiving, picking material for job orders, logging, testing, job order receiving, shipping, cycle counting, yearly physical inventory, EDI, HR and accounting.
• Created and maintained multiple C# .NET applications to synchronize data between a local SQL database and our MRP system (Infor CSI) using Infor's IDO web service.
• Worked with the APIs of our material suppliers to ensure the purchasing department has access to live data.
• Created and maintained the company's GitHub repositories as well as created and maintained an internal website that controls code change reviews and approvals.
• Managed user access to all forms, dataviews and functions in CSI.
• Completed occasional CSI Form modifications.
• Created hundreds of data views used by practically every department in the company.
• Worked closely with Infor's ICS (Consulting Services) and Infor support to debug and resolve issues with the MRP system.

• Developed multiple Android applications that were moderately successful on Google Play.
• Created multiple games using the Unity game engine.
• Created multiple websites using WordPress, MySQL, PHP and Woocommerce.
• Created multiple C# winforms applications, sold licenses to said applications to a niche market and provided customer support for over 5 years.
• Continued support for Futaba Corporation on a contract basis.