Job Description
- Design and develop the red team's customized secure system (remote control program), and ensure it evades endpoint protection products such as CrowdStrike, Windows Defender and 360 Safeguard
- Reverse-engineer common EDR and HIDS products to identify methods of bypassing detection, and embed security principles into the design of system architectures to mitigate the resulting risks
- Research persistence solutions on common operating systems such as Windows, macOS and Linux
- Perform red team engagements as part of the periodic review and audit of infrastructure security systems (IDC network, office environment, cloud native), and maintain documentation of security standards and procedures
Requirements
- Minimum 3 years of relevant work experience
- Extensive experience in RAT (Remote Access Tool) development, with the ability to customize attack frameworks such as Cobalt Strike
- Extensive experience in evading endpoint protection, providing solutions that bypass detection by EDR products such as CrowdStrike, Windows Defender and 360 Safeguard
- Experience with persistence solutions on common operating systems (Windows, macOS, Linux)
- In-depth understanding of the security mechanisms of Windows/Linux systems, and familiarity with offensive techniques in ring0/ring3
- Proficient in scripting/programming languages such as C/C++, Go, PowerShell, JavaScript, ASM, etc.
- Strong reverse engineering skills, with proficiency in tools such as IDA Pro, OllyDbg, WinDbg, GDB, etc.
- Strong communication skills and a strong team spirit
- Self-starter with the ability to learn quickly