Reverse engineering & low-level software engineer with 30 years of experience in Windows and Linux internals, kernel and driver development, performance-critical real-time systems, and security solutions. Proven ability to design and implement complex system software (anti-ransomware, monitoring agents, embedded platforms) and to quickly master new technologies through independent research. Strong background in C/C++, assembly, and debugging across diverse architectures.
Flare-On reverse engineering CTF finisher for the past 5 years.
Programming Languages: C, C++, C++17, Assembly, Python, Bash
Operating Systems: Windows internals, Linux kernel & user space, Embedded RTOS
Reverse Engineering / Debugging Tools: IDA, Ghidra, WinDbg, OllyDbg, x64dbg, Wireshark
Platforms: x86, x64, ARM
Specialties: Reverse engineering, malware analysis, kernel drivers, performance optimization, real-time data processing
Other: Networking, protocol analysis, DevOps basics (Docker, Git, CI/CD)
Tel-Aviv, Israel — 2024-Current position
Conduct extensive research of complex software systems as well as proprietary products, using static and dynamic reverse engineering tools and methodologies.
IDA, Ghidra, WinDbg, Windows kernel and internals.
Tel-Aviv, Israel — 2021-2024
Tech lead in the EPP group, overseeing design and implementation of an endpoint-protection product. Design and troubleshooting of performance-critical file-activity monitoring for the Anti-Ransomware component, balancing detection accuracy with minimal system overhead. Implementation of a behavioral rule-based engine, conducting research to integrate reverse-engineered malware behaviors into production detection logic.
Overall next-gen EPP & EDR agent architecture design and improvements: engine consolidation, component communication and data flow.
Cross-platform real-time C++17. Windows/Linux/OS X.
Rehovot, Israel — 2018-2021
Design and implement a software component for real-time image acquisition and analysis.
In charge of all project layers, including image acquisition board integration, camera control, multi-threaded image-processing algorithm execution and printer communication.
Real-time Qt and C++17 on Windows.
Tel-Aviv, Israel — 2017-2018
Software and infrastructure engineer, working on Ford's AV project as part of the offline environment mapping team.
High Scalability Python/Docker environment.
Tel-Aviv, Israel — 2010-2018
Lead a team of 3 strong developers.
In charge of the 2nd generation agent component for SharePath™, including software architecture, feature implementation, maintenance releases and software support.
C, C++, C#, Java, Bash, CI/CD, DevOps, IT.
- 3rd party API tracking.
- Implement IIS and Nginx modules for activity monitoring.
- Implement modules for Database API tracking.
- Design and implement a PHP extension for activity monitoring and method interception.
- Bash scripting system for automated agent testing.
- Multiplatform software packaging.
- Debug and resolve complex customer problems.
- Architect complex customer solutions.
- 3rd party software installation and configuration for R&D purposes, Python, Docker.
Herzliya, Israel — 2007-2010
Design and implement the agent side of SharePath™, a multi-platform application performance monitoring system from scratch (C, C++, C#, Linux Kernel).
- Design and implement a Linux kernel module for real-time network communication monitoring and analysis.
- Design and implement a protocol parser library.
- Network communication protocol reverse engineering and analysis.
- Implementation of network protocol parsers according to specifications.
- Design and implement a multi-platform (Windows, Linux, HPUX, Solaris, AIX) user-mode agent for real-time in-process monitoring and network communication analysis.
- Win32 API tracking.
- Design and implement a .NET IL code-rewriting profiler for method interception.
- Reverse engineering of Java and C# code.
- Design and implement an Internet Explorer BHO for HTTP/S request monitoring.
- MPEG-2 video relay C++ Win32 service using video protocols (RTSP, RTP, MPEG-2 TS) and extensions to various 3rd party libraries (Live555, libVLC) with SNMP MIB monitoring.
- Image manipulation library using existing open-source libraries (libvips, libpng), including implementing features and extensions to the open-source C++ libraries.
Rehovot, Israel — 2005-2007
Design and implement 2nd generation real-time image processing software for a wafer-inspection machine. C++/DCOM/Win32.
- Implement a kernel driver (WinXP) for a 2nd generation image-acquisition board using proprietary hardware.
- Implement core components in 2nd generation IP software (C++, Win32, OOP).
- Maintain and troubleshoot 1st generation IP software using Matrox Image processing boards.
Tel-Aviv, Israel — 1999-2004
Windows server system administrator and software developer for the IT department (C, C++).
Haifa, Israel — 1995-1999
Embedded systems programmer using a variety of operating systems (proprietary, VxWorks, Windows CE) for several military systems.
Driver developer for Win95, NT and CE.
BSP for WinCE.
Assembly, C, C++.
- Implement a Win32 military communication network simulator.
- Design and implement a WinCE boot-loader and display driver.
- Proprietary x86 embedded system maintenance and development.
- Develop a communication driver (VxWorks) for a proprietary military targeting computer.
Specialization in software computer engineering, hardware computer engineering and digital-signal processing.