Job Description

: Design and develop the red team\'s customized remote control program and ensure that the endpoint protection can be bypassed, such as Crowdstrike/ Windows Defender/360 Safeguard. Reverse analysis of common EDR and antivirus software to bypass the protection such as Crowdstrike/ Trend Micro/ Windows Defender / HIDS. Research the persistence solution under common operating systems such as Windows, MacOS and Linux. Conduct the red team engagement in different scenarios such as IDC network, office environment, cloud to mimic the APT adversary emulation. Requirements: Bachelor degree in Computer Science, Engineering or related fields More than 5 years of relevant work experience Extensive experience in RAT(Remote Access Tool) developing, able to customize the attack framework like cobalt strike. Extensive experience in anti-endpoint protection, able to provide the solution to bypass the detection of EDR such as CrowdStrike, Windows Defender, 360 Safeguard. Extensive experience in the persistence solution under common operating systems such as Windows, MacOS and Linux. In-depth understanding of the security mechanism of the Windows/Linux system, familiar with the offensive techniques in ring0/ring3. Strong scripting/development skills (for example: C/C++, Go, PowerShell, Javascript, ASM, etc.) Strong reverse engineering skills familiarity with tools such as IDA Pro, OllyDBG, WinDBG, GDB,etc. Good communication skills and effective teamwork spirit, with good professional ethics Self-starting and fast learning ability Preferred Experience Experience in spear phishing and social engineering tactics. Experience in pentesting and red teaming, familiarity with kill chains in ATT&CK Framework (for example: initial access, Windows AD testing, lateral movement). Tracking records of bug bounty awards, CVEs, public security articles, security conference speakers, Github star authors, etc. Experience in performing APT offensive and defensive

foundit