I have a specialization in the knowledge of network protocols, their implementations
and specification quirks that could lead to potential attack vectors.
This includes strong knowledge in network protocols such as TCP, UDP, MQTT, ICMP, SNMP,
SOCKS, TLS and all protocols related to the Web such as HTTP/S, SPDY, QUIC, DNS,
DNS over HTTPS, DNS over TLS, DNS-based Service Discovery, WebRTC and WS13.
Most of my open source software is peer-to-peer, meaning it uses NAT
traversal and NAT breaking techniques to find other local and global
peers. Those techniques are similar to how malware often works, as most of them use DNS
Exfiltration, Multicast and Relaying, and even PWNAT- or ICMP-spoofed attacks to contact
their CNCs once they have successfully infiltrated a device.
My previous employments included building up Blue Teams in the Cyber Defense space,
wherein AI-based IDSes were being built, trained, and used in order to gain a strategic
advantage on the Blue Team side.
My experience helped me to create a deep understanding of how to build trainable
automated network security systems that can learn from traffic fingerprinting and
the behaviour of networked nodes and their communications.
My work with co-evolutionary systems like backpropagated ES/HyperNEAT
gives me the knowledge to create virtual simulations and pentesting scenarios that
can be easily replicated and adapt to new infiltration targets.
Additionally, those virtual environments usually are multi-agent simulations
of vast network topologies and reuse existing PCAP files or streams from previous
attack scenarios to train the CPPNs more efficiently.
Over the past years, many of my projects were indirectly trying to automate the
OSINT methodologies that still need human interaction to acquire information online,
such as the Research and Tholian Stealth projects.
My unique perspective with the usage of co-evolutionary AI systems allows me to build
self-automating and self-adapting systems that help to exceed the frontiers of what
you can do with the Knowledge on the Web.