Andrew L. Sandoval
Software Architect
Areas of Expertise: | Accomplishments / Patents / Intellectual Property |
Windows Internals:
- Reverse Engineering
- Dynamic Code Creation & Injection
- API Hooking
- COM Hooking
- Assembly Language level debugging
- Device Driver Development
- Windows APIs
- Advanced Kernel Internals and DKOM
|
Products for OpenSpan, Inc.:
- OpenSpan Desktop Automation and Analytics products
- Revolutionary 4-byte, safe code-patch hooks - Can be overhooked with less intelligent hooking technologies and still function properly. Atomic 4-byte hooks for amd64 or x86 & WOW64 processes.
Products for ManTech International:
- Contracted projects for U.S. Government customers
- Details cannot be disclosed
Publicly Viewable Patents for Blue Coat Systems, Inc:
Additional Non-viewable Patent Applications for Blue Coat Systems, Inc: 2
Products for Blue Coat Systems, Inc.:
- Blue Coat ProxyRA On-Demand VPN client
- Built on my code-injection and API hooking libraries
- COM Hooking for policy based information controls
- Extensive reverse-engineering required to implement information controls
- Blue Coat ProxyClient WAN Optimization & Web Filtering client
- HTTPS filtering and some acceleration features built on my code-injection and API hooking libraries
- NDIS IM (Device Driver) development for Transparent ADN
- TDI (Device Driver) development for Transparent ADN
- Encrypted File System mini-filter (prototype)
Products for Quaresso Software Technologies:
- Protect On Q (formerly Permeo / Blue Coat WebProtect)
- Built on my code-injection and API hooking libraries
- COM & API Hooking for granular policy based information controls
- Anti-malware engine built partially on code-injection & API hooking libraries
Products for BMC Software, Inc.:
- Patrol End-to-End Response Timer
- MQSeries Optimizer, MQ Series Enforcer, (maybe other MQ products), and some database products as well as the Web Intercept Architecture
- Simpler Code Injection & API Hooking technologies for Unix and Windows
Open Source / Private Products:
- RevEngX - WinDbg extension
- 64-bit and 32-bit dynamic code creation and execution from debugger context - call any function in the target process with WIN32 definitions such as MB_INFORMATION or MEM_COMMIT, etc. with !callfn
- Scan for import table (IAT) & export table (EAT) hooks
- Set IAT & EAT hooks
- Code Injection capabilities with !loadlibrary
- Window discovery
- Unpublished - Code that allows injection & hooking of a 32-bit or 64-bit process without risk of failure due to concurrent access to overwritten instructions or table entries
- Unpublished - 32-bit and 64-bit code for setting hooks without overwriting a single instruction or patching an Import/Export Table.
|
Unix Internals
- Dynamic Code Creation & Injection
- API Hooking
- Reverse Engineering
- Unix System APIs
- Assembly Language for x86, SPARC, HPPA/HP-UX, AIX RS/6000 & PowerPC, and S390
|
Products for BMC Software, Inc:
- Web Intercept Architecture
- Finds, injects, and hooks into Unix and Windows Web Servers (from Sun, Apache, etc.) for pre-encryption content acceleration, etc.
- MQ Series products
- Hooks into MQ Series queue managers for MQ Optimizer / Enforcer (encryption prototype)
- Cross-platform (multiple Unix, Windows, and MVS) middleware libraries
Other:
|
iPhone Development / iOS Internals
- iOS Code Injection
- iOS API Hooking (C-libraries, Objective-C, and delegates)
- iOS Reverse Engineering
- Published App in the App Store: iFishJournal
- Objective-C++ (focus on deterministic C++ code over less-deterministic Objective-C)
|
iOS RE, Injection and Hooking for a product with details guarded by a current NDA.
See http://www.ifishjournal.com, or visit the Apple AppStore and search for iFishJournal - Fisherman's Journal
|
Embedded / Microprocessor
- Arduino Development
- Direct AVR development on ATMega168 and 328
- Circuit design
|
See my Instructables.com article for the "Digital Window Sticker"
|
Coding Languages (in order of preference):
* C++ (with STL and boost)
* C
* Assembly Language (x86, amd64, ARM, SPARC, others)
* Objective-C
* JavaScript, VB, bash, etc.
* Others
Childhood recognition for Software Development:
* Deseret News article featuring Andrew Sandoval and friends for software written and sold to the Granite School District in Salt Lake City, Utah.
Numerous open source projects, including:
* Tablet PC Extension for Libronix Library System
* mpegrec, an earlier Linux-based MP3 recorder
* DCE RPC port to Linux 2.0 (prior to glibc threads)
Work related recognition:
* Security Clearance: TS
* Consistent Technical Award Winner for Blue Coat Systems, Inc.
* Peer Award Winner for Blue Coat Systems, Inc.
* Horizon Award Winner Q3FY2001 for BMC Software, Inc.
* Top Gun Award Winner for BMC Software, Inc.
* Consistent 4 and 5 (sometimes and always exceeds expectations) on quarterly and yearly reviews for BMC Software, Inc.