dutra

While at halborn, I worked alongside three teams, each with different types of technologies. These teams were the Solidity, SWAT, and research and development team. I audited smart contracts implemented in rust (CosmWasm) and solidity and did fuzzing projects for layer-1 blockchains and EVM implementations in Golang. I finished my work there doing audits in smart contracts written in Move for the Aptos blockchain.

I worked in the research and development team at Conviso as a security researcher. My main focus was vulnerability research projects on open source software, applying security code review and fuzzing techniques to search for vulnerabilities. I also wrote theoretical material and taught advanced exploitation techniques for the pentest as a service team, applying what I learned during my research.

As information security analyst I mainly did web and network penetration testing, working in the offensive security team. I also did some projects involving secure code review and cloud security review of aws infrastructure. Knowledge developed: web application pentest, network pentest, vulnerability research, secure code review.

I've worked on the maintenance of our cloud servers, both for the reliability of the Conviso main product and for our internal VPN servers and tools. I've also deployed some monitoring tools like grafana, prometheus and kibana, and had to develop my own tools. Knowledge developed: aws, google cloud, grafana, prometheus, elastic search, golang, nodejs, ipsec.

Until the end of 2017 I worked in the software/hardware integration team. My main role was to develop everything that is part of the gsm products, from the firmware to the frameworks that will be used by customers and other applications that are part of the ecosystem of Khomp products. I also researched potential firmware vulnerabilities in khomp products. From 2018 until 2019 i worked at the vSBC project, a virtualized session border controller, the main focus of this product was VoIP and network security. My role was to maintain and develop features for the product in all the areas covered by it: software virtualization, networking, routing optimization for voip calls, and a wide range of technologies related to VoIP security.

My main role during the khomp internship involved developing and maintaining the library that is the core of all the company's products, the K3L (khomp low-level library). for this function, I had to study a lot of telecommunications technologies, mostly GSM, SIP, and E1. In addition to participating in the development of the library, I developed and maintained several components of the khomp product ecosystem, where I developed my knowledge of software development with a high level of parallelism, network communication and protocols such as snmp. after the first year of internship, I owned the development and maintenance of the entire GSM stack of khomp products, learning how the gsm network works, the AT communication protocol and the integration of software and hardware in our products with the gsm modules. Knowledge developed: software and hardware integration, telecommunications, gsm/3g, c, c++, embedded systems, development of software with high level of parallelism.

During my internship at micromar I participated in the design and development of a three-dimensional visualization library for medical images. In the early stage of the internship I studied the environment to develop software for apple's proprietary platforms, familiarizing myself with the objective-c language. After that, I studied the structure of the dicom standard, and implemented the visualization framework using the vtk library, interfacing the c ++ library with objective-c. knowledge developed: objectivec, c ++, vtk, dicom.