Andrew L. Sandoval

Software Architect


Current Status 8/2012: Employed by OpenSpan, Inc.
Resume (Word) | Resume (HTML)
Areas of Expertise: Accomplishments / Patents / Intellectual Property
Windows Internals:
  • Reverse Engineering
  • Dynamic Code Creation & Injection
  • API Hooking
  • COM Hooking
  • Assembly Language level debugging
  • Device Driver Development
  • Windows APIs
  • Advanced Kernel Internals and DKOM

Products for OpenSpan, Inc.:

  • OpenSpan Desktop Automation and Analytics products
    • Revolutionary 4-byte, safe code-patch hooks - Can be overhooked with less intelligent hooking technologies and still function properly.  Atomic 4-byte hooks for amd64 or x86 & WOW64 processes.

Products for ManTech International:

  • Contracted projects for U.S. Government customers
    • Details cannot be disclosed

Publicly Viewable Patents for Blue Coat Systems, Inc:

Additional Non-viewable Patent Applications for Blue Coat Systems, Inc: 2

Products for Blue Coat Systems, Inc.:
  • Blue Coat ProxyRA On-Demand VPN client
    • Built on my code-injection and API hooking libraries
    • COM Hooking for policy based information controls
    • Extensive reverse-engineering required to implement information controls
  • Blue Coat ProxyClient WAN Optimization & Web Filtering client
    • HTTPS filtering and some acceleration features built on my code-injection and API hooking libraries
    • NDIS IM (Device Driver) development for Transparent ADN
    • TDI (Device Driver) development for Transparent ADN
    • Encrypted File System mini-filter (prototype)
Products for Quaresso Software Technologies:
  • Protect On Q (formerly Permeo / Blue Coat WebProtect)
    • Built on my code-injection and API hooking libraries
    • COM & API Hooking for granular policy based information controls
    • Anti-malware engine built partially on code-injection & API hooking libraries
Products for BMC Software, Inc.:
  • Patrol End-to-End Response Timer
    • Some API Hooking
  • MQSeries Optimizer, MQ Series Enforcer, (maybe other MQ products), and some database products as well as the Web Intercept Architecture
    • Simpler Code Injection & API Hooking technologies for Unix and Windows
Open Source / Private Products:
  • RevEngX - WinDbg extension
    • 64-bit and 32-bit dynamic code creation and execution from debugger context - call any function in the target process with WIN32 definitions such as MB_INFORMATION or MEM_COMMIT, etc. with !callfn
    • Scan for import table (IAT) & export table (EAT) hooks
    • Set IAT & EAT hooks
    • Code Injection capabilities with !loadlibrary
    • Window discovery
  • Unpublished - Code that allows injection & hooking of a 32-bit or 64-bit process without risk of failure due to concurrent access to overwritten instructions or table entries
  • Unpublished - 32-bit and 64-bit code for setting hooks without overwriting a single instruction or patching an Import/Export Table.
Unix Internals
  • Dynamic Code Creation & Injection
  • API Hooking
  • Reverse Engineering
  • Unix System APIs
  • Assembly Language for x86, SPARC, HPPA/HP-UX, AIX RS/6000 & PowerPC, and S390
Products for BMC Software, Inc:
  • Web Intercept Architecture
    • Finds, injects, and hooks into Unix and Windows Web Servers (from Sun, Apache, etc.) for pre-encryption content acceleration, etc.
  • MQ Series products
    • Hooks into MQ Series queue managers for MQ Optimizer / Enforcer (encryption prototype)
  • Cross-platform (multiple Unix, Windows, and MVS) middleware libraries
Other:
iPhone Development / iOS Internals
  • iOS Code Injection
  • iOS API Hooking (C-libraries, Objective-C, and delegates)
  • iOS Reverse Engineering
  • Published App in the App Store: iFishJournal
  • Objective-C++ (focus on deterministic C++ code over less-deterministic Objective-C)

iOS RE, Injection and Hooking for a product with details guarded by a current NDA.

See http://www.ifishjournal.com, or visit the Apple AppStore and search for iFishJournal - Fisherman's Journal

Embedded / Microprocessor
  • Arduino Development
  • Direct AVR development on ATMega168 and 328
  • Circuit design
See my Instructables.com article for the "Digital Window Sticker"


Coding Languages (in order of preference): 

* C++ (with STL and boost)

* C

* Assembly Language (x86, amd64, ARM, SPARC, others)

* Objective-C

* JavaScript, VB, bash, etc.

* Others

Childhood recognition for Software Development: 

* Deseret News article featuring Andrew Sandoval and friends for software written and sold to the Granite School District in Salt Lake City, Utah.

Numerous open source projects, including:

* Tablet PC Extension for Libronix Library System

* mpegrec, an earlier Linux-based MP3 recorder

* DCE RPC port to Linux 2.0 (prior to glibc threads)

Work related recognition:

* Security Clearance: TS

* Consistent Technical Award Winner for Blue Coat Systems, Inc.

* Peer Award Winner for Blue Coat Systems, Inc.

* Horizon Award Winner Q3FY2001 for BMC Software, Inc.

* Top Gun Award Winner for BMC Software, Inc.

* Consistent 4 and 5 (sometimes and always exceeds expectations) on quarterly and yearly reviews for BMC Software, Inc.