Brian M. Sturk
(603)-402-1278

Telengard Technologies Inc. • 8 Falcon Dr. • Hudson, NH • 03051
bsturk@comcast.net  telengard@gmail.com



Skills

  • Over 21 years of progressive experience designing and writing software using C, C++, Python, and assembly.
  • Certified Ethical Hacker.
  • Extensive experience in reverse engineering, information security/pentesting, OS/kernel internals, real-time/embedded systems, firmware, device drivers, interfacing computers with various types of hardware, data acquisition, electro-mechanical control, and protocol development.
  • Designing and writing software for multiple platforms including kernel device drivers, file system drivers and NAS/SAN technologies, security related applications/drivers, networking protocols/applications, cross platform GUI applications, embedded system tools/scripting.
  • Team player. Fits in very well with large groups, small teams, or even working alone and ramps up quickly.


Software and Programming

Programming
kernel and filesystem drivers, embedded systems, OS internals, network/protocol, ethical hacking, reverse engineering, data acquisition, RTOS, cross platform GUI, scripting.

Languages
C/C++, Python, ASM, Java, C#.

Operating Systems
Linux, OS X, Windows, FreeBSD, NetBSD, Solaris, QNX RTOS.

Tools
gcc/gdb, Windbg, dtrace, Wireshark, metasploit, Kali Linux, Win DDK, VMWare, Visual Studio, XCode, Subversion, Clearcase, Accurev, Perforce, SWIG.

Libraries
Qt, wxWidgets/wxPython, STL, boost, OS X IO Kit, OSR FSDK, v2linux, OpenGL, MFC.



Certifications

  • Offensive Security Certified Professional (OSCP) [Ethical Hacker]: License OS-15502




Hardware & Equipment

Electronics
A/D oscilloscopes, logic/serial/protocol/bus analyzers, ICE, JTAG/BDM, encoders.

Computer/Hardware
x86, x64, PowerPC, ARM9, MIPS, serial RS232, motor control, digital I/O, DAQ boards.



Relevant Experience

8/16 to Present
Carbon Black— Principal Engineer - Threat Research

Technologies/Skills Used:
reverse engineering, malware, IDA Pro, radare2, AWS, cuckoo, OS X, python, ethical hacking

  • Threat Research
  • Reverse Engineering
  • Hacking
  • Coding
  • Bagel Eating

7/14 to 8/16
Verdasys/Digital Guardian— Consulting Engineer

Technologies/Skills Used:
malware, metasploit, Win DDK, VMWare, Windbg, Ollydbg, kernel/internals, OS X, iOS, ethical hacking

  • Member of the Cyber and R&D teams. This involved working on the APT/EDR aspects of the DLP endpoint software and threat research, detonation, and reverse engineering.
  • Added code to product to detect advanced malware techniques – Process Hollowing, Reflective Injection, use of App_Init for injection.
  • Added support to injection framework to handle injecting packed binaries.
  • New features and further development and support of hooking and injection subsystems.
  • BlackHat 2014 – wrote iPhone software booth demo. Simulated malicious email image taking over phone. Utilized Cydia Substrate.
  • BlackHat 2015 – wrote code for sponsored session “Can DLP Thwart Malware Attacks”. Code added to existing product to detect and block in-memory ransomware attempting to encrypt files.

1/10 to 7/14
Avid Technology— Senior Principal Engineer

Technologies/Skills Used:
Win DDK, kernel/internals, OS X, FUSE, embedded Linux, distributed file system, wireshark, Qt, Python

  • Maintenance coding/bug fixes for ISIS kernel file system driver and related software on OS X and Windows.
  • Implemented a system for creating, installing, and deploying system recovery images. Written in Qt.
  • Designed and implemented the embedded Linux platform for the ISIS 2000 product including distribution, installation/upgrade/recovery system, root filesystem generation, bootloader, and fs redundancy strategy.
  • Co-designed and implemented a Linux version of the ISIS file system client driver using FUSE on RHEL 6.

9/09 to 1/1 [and 8/08-11/08]
Facilis Technologies— Consultant [Telengard Tech]

Technologies/Skills Used:
Linux, OS X, kernel, iSCSI, Win DDK, filter driver, wxWidgets, Windows 7

  • Designed and implemented a product to allow access to the Terrablock storage product over iSCSI. Heavily modified the OSS iSCSI Enterprise Target software package both at the user and kernel level.
  • Re-designed and re-implemented their existing file migration tool used for bulk movement of files/projects.
  • Ported client app to Linux using wxWidgets and consolidated all supported platforms into one project.
  • Wrote applications to remount read-only volumes and resize Apple Partition Map partitions on OS X.
  • Wrote an application to hook and inject code into arbitrary application binary functions on Windows.

1/09 to 7/09
L3-Security— Consultant [Telengard Tech]

Technologies/Skills Used:
Embedded Linux, C++, Fedora, Qt, Modbus, motion control, Serial RS-232, XML-RPC

  • Wrote diagnostic code for MODBUS based Galil controller over Ethernet doing analog/digital I/O.
  • Wrote diagnostic code for serial RS-232 based Mforce motion controller.
  • Worked on Qt based diagnostics interface. Also implemented all QtScript based diagnostic code.
  • In house Linux expert for 10 DOS/Windows programmers transitioning into project.

12/07 to 8/08 [and 3/06-9/06]
Tour Andover Controls— Consultant [Telengard Tech]

Technologies/Skills Used:
Debian, embedded, busybox, u-boot, IPSEC, kernel device driver, scratchbox, ARM 920t, Serial 485

  • Ported 2.6.16 kernel and u-boot to custom AT91 SoC based board used for security and automation systems.
  • Wrote a Linux kernel driver to handle 485 communications and utilized on chip DMA for on board USARTs.
  • Implemented use of Debian and Scratchbox/qemu for cross compilation and debugging infrastructure for ARM9 and i386 hosts.
  • Was in house Linux expert to large group of developers in US and Sweden.
  • Wrote applications to test protocol encryption performance under load on embedded ARM board using IPSEC.
  • Implemented and deployed a group-wide backup policy utilizing flexbackup.

9/06 to 12/07
Cylant/Reflex Security— Consultant [Telengard Tech]

Technologies/Skills Used:
Windows, kernel, DDK, hooking, rootkits, security, IDS/IPS, Linux, Snort, Debian, VMWare

  • Ported driver portion of existing Cylant Secure HIDS product to Windows XP from Windows 2000. Driver hooked kernel and monitored for rootkits/malware in real time.
  • Added features and bug fixes to Reflex Security's Snort based intrusion prevention product on Debian Linux.
  • Implemented development and QA use of VMWare for sandboxing/detonating different rootkits/malware.

4/06 to 5/06 [and 1/05 to 5/05]
JK Enterprises/Kobe Steel— Consultant [Telengard Tech]

Technologies/Skills Used:
Reverse engineering, IDA PRO disassembler, VMWare, Linux, python, wxWindows, serial RS-232, DAQ

  • Removed need for dongle in abandoned application by reverse engineering and binary patching DLL.
  • Moved platform to VMWare to work around bugs on Japanese Windows OS. No access to source to fix.
  • Wrote an application using wxWindows to interface with a custom data acquisition system. Application communicated over RS-232 and displayed visual representations of probes, encoders, and other indicators.

12/05 to 4/06
Media Matters— Consultant [Telengard Tech]

Technologies/Skills Used:
FreeBSD, OS X, HW interfacing, python, wxPython

  • Wrote an application to monitor and interface with robotic tape archive machine using wxPython.

7/04 to 3/06
Siemens SNC LLC.— Consultant [Telengard Tech]

Technologies/Skills Used:
Montavista Linux, BSP, embedded, kernel device driver, PowerPC 440GX, u-boot, UML, I2C, pthreads

  • Wrote a Linux kernel driver for Siemens' MRC FPGA which handled monitoring boards' health status, also wrote related APIs and diagnostics.
  • Wrote a Linux I2C kernel driver to interface with GPIO circuitry, also wrote related diagnostics.
  • Wrote a Linux kernel driver and API for Siemens' ARC chip which handled card redundancy/failover.
  • Worked on the port of the u-boot bootloader to Siemens' next generation ATCA hardware platform. Work involved bringing CPU up, POST tests, debugging HW issues, networking/PHYs init, chip select init, startup scripts, diagnostic utilities, building file system images, GPL issues, and customization for Siemens.
  • Debugged many kernel level bugs with UML in the Montavista PRO kernel. All fixes submitted to Montavista.
  • Set up a simulation environment of Siemens' hiG Media Gateway carrier grade products using User Mode Linux.
  • Debugged and fixed the VxWorks to Linux emulation library (v2linux) including many threading issues.
  • Added features to Siemens' Clock Control FPGA kernel driver.
  • Was in house Linux expert to over 40 VxWorks developers.
  • Wrote scripts to automate building and populating embedded file system images.
  • Wrote applications to test connectivity between remote boxes and apps running within UML simulation.

5/04 to 7/04 -- 1/05 to 7/05
Facilis Technologies— Consultant [Telengard Tech]

Technologies/Skills Used:
Mac OS X, kernel, wxWindows, Xcode, SCSI, Linux, file systems, IOMeter, performance

  • Wrote an application and library for OS X to communicate with Facilis' Terrablock device driver.
  • Wrote an application using wxWindows to migrate and import clients' media from other storage systems.
  • Added features to their Terrablock software on multiple platforms including Mac OS 9, OS X, and Windows.
  • Created a custom bootable Linux recovery CD to restore entire system in the event of system failure.
  • Added support for very precise timing and other features to the file system benchmark program IOMeter.
  • Wrote a Windows application to generate very consistent file system loads. Application was made into a larger testing/benchmarking framework for Facilis' storage products.

3/04 to 6/04
EqualLogic Inc— Consultant [Telengard Tech]

Technologies/Skills Used:
NetBSD, Linux, embedded system, kernel device drivers, UNIX, kgdb, MIPS, SATA, python

  • Coded new features for their iSCSI peer-storage array product. Work involved kernel device drivers for NetBSD running on MIPS (sibyte) and x86 including user/kernel coding, cross compiling, and kernel debugging.
  • Designed solution and wrote kernel code to detect and fix specific hard drive issues dynamically (*NDA).
  • Debugged and fixed kernel panics and related bugs in pre-existing kernel code using kgdb.
  • Wrote an application that could induce specific hard drive errors under very high load (*NDA).
  • Designed and implemented a system to fully automate drive qualification using 'C' apps, scripts, and Apache.
  • Wrote various applications to search for arbitrary byte patterns on raw disks, monitor SMART data, and more.
  • Maintained and added new features to an application that searched for bad blocks on a drive and repaired them if possible. Program also monitored throughput and variance data for the drives.
  • Wrote an application to exercise raw disks simulating a mail server and pseudo file system.

11/02 to 3/04
Axiam Inc— Consultant [Telengard Tech]

Technologies/Skills Used:
QNX 4.25/6.X, RTOS, Linux, DAQ, A/D boards, Digital I/O, Port I/O, DMA, Serial 232, ncurses

  • Coded new features and maintained their metrology software which interfaced with various hardware (LVDT, encoders, motors) to compute the roundness and straightness of precision parts for commercial jets.
  • Re-designed and implemented their entire system to work with custom ISA data acquisition boards.
  • Wrote software (ncurses app and Linux kernel module) to test their proprietary data acquisition boards.

4/03 to 3/04
Pinnacle Systems— Consultant [Telengard Tech]

Technologies/Skills Used:
Qt, MFC, Winsock, FTP protocol, XML, SQL, VB, WMI, threads, VC++/NET, C#, COM/DCOM

  • Designed and wrote an FTP server and client following RFC. Requirements were high performance, threaded sessions, 64 bit REST, encryption, and site specific commands for control.
  • Added many new features and maintained their VMG broadcast archiving/storage product.
  • Designed and wrote an application to gather information about a system's configuration and verify the machine's state using Qt and XML. Machines could be inquired over a network allowing central verification.
  • Wrote an application to interface with Adrienne time code boards using C# and .NET.

4/00 to 4/03
Avid Technologies— Consultant [Telengard Tech]

Technologies/Skills Used:
Linux/OS X/Windows/Solaris Kernel, OS Internals, Windbg, File Systems, SCSI, protocol, Perl, Python

  • Designed, wrote, and maintained Linux kernel file system driver (VFS) and associated device drivers.
  • Wrote a kernel file system driver and associated device drivers for Solaris 8.0 (SPARC and x86).
  • Wrote kernel device drivers, a file system driver (VFS), and related user-mode tools for Macintosh OS X.
  • Wrote a Linux driver and daemon that allowed file system to work over Ethernet while waiting for Fibre driver.
  • Designed and implemented a reliable protocol on top of UDP used for messaging that required running on multiple platforms and in varying environments, including soft real-time, low memory, and kernel/user mode.
  • Modified SCSI layer on Linux to support SCSI processor device exposed by Emulex Fibre channel card.
  • Wrote a Linux library to get SCSI drive info and other information via SCSI pass-thru.
  • Designed and created an embedded Linux distribution for network based filesystem product platform.
  • Maintenance coding/bug fixes including many BSODs for kernel file system driver on Windows.
  • Wrote a Windows kernel driver to probe PCI bus for configuration info used by system profile application.
  • Designed and wrote a generic, extensible, and distributed testing framework in Python used for smoke testing multiple machines over a network using pyro. Used by SQA department for testing many of Avid's products.
  • Maintenance coding and test harness for the Unity Windows Network Provider DLL.
  • Implemented redundant servers support for NT product using sockets, Inet Helper API, and MFC.
  • Reverse engineered the 3Ware IDE RAID/SAN JBOD user mode/kernel mode protocol for use in Avid products.
  • Implemented build process (ksh), testing procedures (Driver Verifier), and installer (Installshield) for products.
  • Wrote a test harness and related programs for the Windows API and WNet API.

11/98 to 4/00(+)
Speedline Technologies/CAMalot— Full Time/Perm [Telengard Tech+]

Technologies/Skills Used:
2K/NT DDK, Kernel, Port I/O, Serial 232/422-USB, Java, MFC, Perl, RPC, Obj Grid, PVCS, Installshield

  • (+9/02) Wrote a Win2K kernel driver to access IO boards on parallel ports. Also install and config utilities.
  • Implemented many major subsystems for semiconductor dispensing machine (low-level and GUI components) including temperature controllers, weight scales, conveyor, digital I/O, motion control.
  • Wrote an NT Virtual Device Driver to run DOS based GFX product on Windows NT.
  • Wrote a configuration/installation utility to burn firmware for Galil motion cards using port I/O.
  • Co-designed and implemented protocol for communicating with RS-485 boards on older machines from NT.
  • Created and maintained Installshield installations for both NT products (XYFlex and Matrixx).
  • Configuration management and build admin using PVCS, Configuration Builder, Perl, and cygwin.

10/97 to 11/98(+)
Northern Research and Engineering— Consultant [New Boston Systems]

Technologies/Skills Used:
MFC, COM, STL, Objective Grid-Toolkit, BoundsChecker, ClearCase, OpenGL, DirectX, cygwin

  • (+11/99-4/00) Provided new features, bug fixes, and an installer for the Ritap product.
  • Redesigned and rewrote COMIG, a mechanical design package for turbomachinery. Also added many new features.
  • Wrote a C++ class library (MFC extension DLL) wrapping the charting library used by all NREC products.

1/96-10/97
Henschel, Inc.— Programmer / E. E. Tech

Technologies/Skills Used:
NT DDK, kernel drivers, Port I/O, 8051, MFC, Borland C++, BoundsChecker, IoWorks, Fastgraph

  • NT kernel driver and related code for interfacing/data acquisition with synchro cards and other hardware.
  • Wrote NT service to interface with Raytheon and Navy computers. The service read signals (RS-422, synchro, NTDS, and Ethernet) converting them to NEMA strings and sending to Raytheon's equipment, and driving other hardware. Signals received also sent to GUI applications with controls simulating their analog counterparts.
  • Wrote Henschel's Alarm Activation Panel used on Navy vessels. Talked over the parallel port using port I/O.
  • Maintained embedded throttle control project running on 8051 microcontroller.
  • Wrote a program to detect lights in building turning on/off via photodiode circuit over parallel port.
  • Wrote dimmer application and protocol that controlled a custom PC-104 card for Windows NT.
  • Designed and built security/battery watchdog circuitry for PCCU flat panel display/embedded PC.

4/91-1/95
United States Army Reserves— Combat Engineer (Rank E-4, 12-C)

Technologies/Skills Used:
Demolition, mines, bridge building.

Re-classed MOS to 96B Intelligence Analyst. Held Security Clearance.



Education

5/92 - 6/96
University of Mass Lowell—Lowell, MA


Electrical Engineering.



Non-Work Programming Related:

Programming—Home page
www.briansturk.com

[Many freeware programs, macros, and source code available].

MESS contributor, gp2xmess, vimsh, and other freeware programs, maintainer of the Win32 Hardware-Port I/O FAQ.