Contact Information
Name: Justin Ferguson
Email: jnferguson (at) gmail (dot) com
Location: Seattle, Washington, United States
Resume
Position/Title: Security Consultant
Resume: Justin N. Ferguson

425 Vine Street #525

Seattle, WA

+1.206.605.5753

jnferguson (at) gmail (dot) com

Objective

Seeking a position that requires extensive IT skill, continuous research, effective communication, initiative and creativity with an emphasis on security and business efficiency

Skills

- Highly skilled in the development of intelligence, surveillance and reconnaissance applications, such as hidden rootkit applications and network backdoors on both Windows and Linux/BSD platforms

- Extensive experience reverse engineering malicious software to determine function, skill of attacker, uncover hidden payloads, as well as identify any possible source intelligence

- Low-level operating system knowledge in Linux/BSD environments, including ring-0 and ring-3 rootkit and backdoor technologies, intercepting shared library function calls, et cetera

- Equivalent low-level operating system knowledge in a Windows environment, such as direct kernel object manipulation (DKOM), hooking native API calls, overwriting the IAT, et cetera

- Knowledge of software applications used in reverse-engineering, exploit development and rootkit development, such as IDA Pro, OllyDbg, gdb, strace, ltrace, et cetera

- Strong understanding of offensive information operation tactics such as IDS evasion, covert channels, alternate file streams, anti-reverse engineering methods, ARP cache poisoning, man-in-the-middle attacks, sniffing, connection hijacking, et cetera

- Extensive experience with exploit development on IA-32/IA-64, using buffer overflows, heap overflows, integer overflows, format string attacks, et cetera; lighter experience with other architectures such as ARM/XScale, PPC, et cetera

- Comprehensive programming background in C/C++, IA-32/IA-64 and ARM/XScale assembly, Perl, PHP, SQL, BASH/SH, SED, AWK, shell scripting, et cetera

- Extensive experience with various binary formats, such as Executable and Linkable Format (ELF), Common Object File Format (COFF) and Portable Executable (PE)

- Performed security research, risk analysis, penetration testing, code auditing (white and black box), and vulnerability assessment

- Incident response methods for responding to a security breach, isolating intruder elements and restoring network security

- Diverse systems engineering background, ranging from enterprise-level, fault-tolerant system design and implementation, to administering proactive security devices, and firewalls

- Intimate knowledge of IP networking, and all aspects of security relating to it, including firewalls, PKI, NIDS, VPNs, VLANs, encryption, as well as application-level and physical security

Publications & Presentations

2006 –

• Reverse Engineering, US Department of Energy CSG Computer Security Conference

• Bridging the Gap: Static binary analysis of Win32 executables under Unix and Unix-like operating systems, Toorcon 8

2007 –

• Understanding the heap by breaking it: A case study of the heap as a persistent data structure through non-traditional exploitation techniques, Blackhat Las Vegas

• Reverse Engineering Code with IDA Pro, Syngress publishing

2008 –

• Advances in attacking interpreted languages, EuSecWest

• Advances in attacking interpreted language, Ph-Neutral

Experience

Security Consultant (05/07 – Current)

IOActive, Inc

Seattle, WA

• Performed code reviews for a multitude of companies such as Microsoft, VMWare, Dell, Myspace, et cetera

• Routinely had #1 bug count on team for every project worked on

• Blackhat 2007 Las Vegas speaker – Understanding the heap by breaking it

• EuSecWest 2008 speaker – Advances in attacking interpreted languages

• Co-author of Reverse Engineering with IDA Pro

• Developed secure programming training for C/C++

Security Researcher (11/06 – 05/07)

IBM ISS X-Force Advance Research and Development – Contracted by Ferguson Consulting, Ltd.

Atlanta, GA

• Daily responsibilities include public vulnerability analysis, new vulnerability discovery and security related research

• Discovered multiple previously unknown vulnerabilities

• Implemented new methodology for bypassing certain security checks inside of the GNU libc dynamic memory allocator

• Discovered, documented and implemented methodology for detecting and blocking Skype P2P VOIP protocol from a network layer perspective

Reverse Engineer / Security Researcher (08/05 - 11/06)

National Nuclear Security Administration (NNSA), US Department of Energy - Contracted by NCI, Inc.

North Las Vegas, NV

• Played integral role in the organization receiving the NNSA's Award of Excellence, its highest award

• Gave reverse code engineering presentation at department wide security conference

• Developed application for static binary analysis of Windows PE files under POSIX compliant operating systems such as Linux

• Analyzed, identified and reported on suspicious files recovered in the incident response process

• Identified both known and unknown exploits, reported results and identified mitigation methods

• Performed reverse-engineering of third party patches to determine function, purpose and any possible hidden payloads

• Performed reverse-engineering of closed-source binaries to determine function, purpose, level of expertise, and any possible hidden payloads

• Vulnerability analysis of both open source and proprietary products

• Member of the Information Assurance Response Center (IARC) Computer Emergency Response Team (CERT); goals and tasks include issuing security alerts, penetration testing and enterprise security awareness

Owner/Contractor (01/05 – Current)

Ferguson Consulting, Ltd.

• Successfully run own small business providing contracting services to various Education, Government, and Financial institutions

• Clients include:

• Department of Homeland Security

• New Jersey Institute of Technology

• IBM ISS X-Force

• Network Security Solutions, Inc.

• BarkByte, Inc.

• Tasks include:

• Performance optimization and customizations of Snort IDS

• Performance optimization and customizations of libpcap

• Linux kernel modifications to allow high performance network packet interception

• Development of high performance POP3/IMAP proxy, providing hooks into ClamAV anti-virus software

• Source code auditing as part of vulnerability analysis

• SOX 404 compliance auditing

• Development of integrated and automated web based system to ease SOX 404 auditing

• Web development for Home Realty client

• Initial network setup and contracted continued maintenance for Home Realty client

Security Analyst (06/04 - 02/05)

CWIE, LLC.

Tempe, AZ

• Extended MySQL driven centralized authentication to include centralized auditing of user accounts and single sign-on/one time passwords

• Extended security model to eventually be adopted enterprise wide

• Responsible for the auditing and design of security policies enterprise wide (approximately 1,200+ servers)

• Performed internal scan and penetration testing of systems and policies

• Developed and implemented application to detect and resolve conflicts in DNS resolution

• Development of MySQL driven PAM module to do centralized authentication

• Development of database driven dynamic management service

• Developed multi-threaded log analyzing daemon to detect and block both distributed and single-source brute force password attacks

• Designed and implemented new security model for back-end network using security enhancing kernel patches and mandatory access controls, implemented in bastion hosts

• Use of Cisco routers/IOS in day-to-day operations and troubleshooting at a network level

• Incident response and system forensics

• 24x7 On-call support

QA Engineer (04/03 - 08/03)

ADS Communications

Scottsdale, AZ

• Responsible for writing test suites from engineering product requirement documents of software to automate technician dispatch for large printer companies such as Ikon and Xerox

• Software included various telephony elements such as voice mail and messages, WAP, interfacing with RIM pagers, technician part orders, and GPS

• Developed and implemented stress tests

• Interfaced with development engineers to get bugs documented and fixed

• Designed various APIs to help ease porting the software from SCO Unix to Linux

System Administrator Sr. (02/01 - 12/02)

Simply Geek, Inc.

Tempe, AZ

• Responsible for server and network setup of web design/development company, including configuration of services such as Qmail, Apache, BIND, FTP (vsFTPD), MySQL, OpenSSH, and full automation of user creation

• Helped to create a web-based email system for users

• Conducted continuous security auditing

System Administrator / System Consultant (08/01 - 02/02)

APM Design Labs

Phoenix, AZ

• Set up and upgraded network, software and hardware

• Redesigned network to meet Department of Defense Security Standards

• Advised and implemented network setup and use of a hardware-based Linux server as a router/packet filter

System Administrator / Systems Programmer (06/01 - 02/02)

Arizona State University

Tempe, AZ

• Performed daily maintenance of mission critical statistics machines for University administration

• Provided support for the Data Communications staff, the department's end users

• Maintained several Solaris, Linux, Windows 2000 and Windows NT 4 machines, including several database machines, several web servers, IDS and a department primary domain controller

• Daily administration of multiple Primary Domain Controllers and Exchange servers

• Provided hardware-based support, upgrades, and light amounts of system programming

References

Provided upon request

Copyright 2006, SecurityFocus