Red Teamer, Malware Developer, Security Researcher
 
I think like an attacker.
I push the limits of your security infrastructure, then rebuild it stronger.
Send me a message. Let's grab some coffee and swap stories.
 
Showing you why your security infrastructure needs to be fixed, and how to do it.
Casually bypassing your EDR by combining Python, C++, and C# with a red teaming twist.
Letting you run your business without needing to worry about cyber threats.
Rebuilding your security infrastructure to prevent me from breaking into it again.
Coalfire Systems, Inc.
May 2024 - Present
Performing penetration tests and code reviews of AWS applications and cloud infrastructure.
 
Simplifying the log review process of pentesting for various AWS services by writing Python and Bash scripts to automate regex checks for sensitive information and CR/LF injection attempts.
Success Academy Charter Schools
Mar 2024 - May 2024
Performed adversary simulations against company infrastructure with >80% success rate by writing custom tools to carry out sophisticated evasion methods and stress-test CrowdStrike Falcon and Palo Alto Cortex.
 
Tested physical security integrity of company locations by using social engineering to accomplish tailgating and the assumption of identities of other employees through keycard cloning and gaining access to normally restricted areas.
 
Improved the security posture of company infrastructure by performing code reviews on 10+ developed tools and scripts written in PowerShell, Bash, and other common scripting languages used to automate tasks.
 
Oversaw Vulnerability Management for 6000+ Mac and Windows endpoints and AWS cloud instances by using CrowdStrike Falcon, Recorded Future, Wiz, and other tools to monitor and prioritize remediation of vulnerabilities.
Kraken IO
Jan 2024 - Feb 2024
Created sophisticated, Windows-based red teaming tools for Ransomware Adversarial Simulation exercises capable of bypassing and evading popular AV/EDR and SIEM monitoring solutions with >99% success rate by using Python, C++, C#, and Microsoft Macro Assembly x64 to interact with and manipulate the Windows API.
Nave Security
Nov 2023 - Mar 2024
Performed external and internal AWS cloud, web application, and API penetration tests and wrote detailed reports on findings and potential remediation solutions for companies in the healthcare industry.
 
Developed Windows malware designed to bypass common AV/EDR solutions with >99% success rate by using C++ and C# to develop sophisticated tools and leveraging GPT-4 to optimize and simplify the coding process.
WIN Waste Innovations
Mar 2023 - Dec 2023
Performed Penetration Testing and wrote detailed reports on 30+ Windows Server and Linux devices, webapps and APIs, and SCADA systems using Kali Linux, Metasploit, Burp Suite, and self-coded tools to perform AV/EDR evasion.
 
Resolved Vulnerability Management issues through patching 50+ recorded vulnerabilities using Agiloft to record and resolve security incidents and using Nessus and Kali Linux to confirm successful patching of recorded vulnerabilities.
 
Implemented effective Endpoint Detection Response (EDR) solutions on 12,000+ Microsoft Azure servers and WIN Waste endpoints by installing CrowdStrike Falcon on devices to monitor and administrate activity.
Black Hills Information Security
Jan 2024 - Present
Presenting valuable insight into research performed on malware development and AV/EDR evasion to 3,800+ members of the Black Hills Information Security community by answering questions, sharing experiences, and engaging in the red teaming community.
Unscripted by David Raviv
May 2024
In this podcast episode, cybersecurity expert William Wallace shared profound insights into the cybersecurity landscape and the demands of the profession, emphasizing the importance of dedication and proactive learning.
 
His journey from an early fascination with malware on old operating systems to leading sophisticated cybersecurity initiatives serves as a testament to the dynamic and demanding nature of the field, which requires constant innovation and a forward-thinking approach.
HackCUNY 2024
Feb 2024
Led an offensive security focused workshop during the HackCUNY 2024 hackathon. Taught the fundamentals of AV/EDR evasion through bypassing userland EDR hooks with system calls to 50+ students by demonstrating proof-of-concepts and findings from months of dedicated learning and experimentation.
 
Led a defensive security focused workshop during the HackCUNY 2024 hackathon. Provided insight into implementing cybersecurity best practices into web development to 50+ students by exhibiting catastrophic real-world examples of the consequences of insecure website design and examples of key issues to focus on.
National Cyber League 2023
Jan 2023 - Apr 2023
Achieved Top 1% ranking, placing 58th nationwide in the NCL 2023 competition for the John Jay Cyberhounds team by solving real-world cybersecurity challenges including identifying hackers from forensic data, pentesting and auditing vulnerable websites, and more.
BarSides CTF
Sep 2023
Competed and collaborated in 15+ public CTF events for the BarSides team, ranking 121st place in 2023.
 
Created a writeup for the We Need to Break Free challenge during Trellix HAX 2023. Performed RCE by exploiting unsanitized inputs to gain a reverse shell and obtain the flag.
From John Jay to Cybersecurity Excellence Alumni Panel
Sep 2023
Guided 30+ aspiring cybersecurity professionals studying at CUNY John Jay College of Criminal Justice on key skills and early achievements to focus on and gain before leaving college in order to maximize their chances at landing desired positions in the field.
Created a sophisticated, covert Windows-based credential dumper using C++ and Microsoft Macro Assembly x64.
 
Historically has (and may presently still) bypassed Windows Defender and commercial security solutions Malwarebytes Anti-Malware and CrowdStrike Falcon EDR Complete.
 
Avoids detection by manually implementing NTAPI operations through indirect system calls, disabling telemetry, obfuscating API function names and pointers, creating offline copies of the LSASS process to perform memory dumps on, and corrupting the signature of dropped files.
 
Project has gained >300 stars from other members of the red teaming community on GitHub since initial release.
Created a Windows-based ETW unhook PoC using C++ and Microsoft Macro Assembly x64. Overwrites NtTraceEvent opcode by performing indirect system calls with NtProtectVirtualMemory and NtWriteVirtualMemory and ultimately disabling ETW at Nt* function level.
 
Avoids detection by bypassing EDR hooks on the Windows API with manual implementation of Nt* functions and finding unhooked opcodes to use as trampolines.
B.S. in Computer Science and Information Security
Minor in Cybercrime
2018 - 2023
Hacker - National Cyber League Spring 2023
Speaker - From John Jay to Cybersecurity Excellence Alumni Panel
Member - John Jay ISACA Student Group