Adrian Tiron

(M, 28, Romania, BUCURESTI, Sector

2, not married)
Birth date: 09-09-1984
Phone: 40726754720
Mobile phone: 40726754720
Email: tiron_adrian@yahoo.com
Driving license: Yes
Objective
-
Targeted job: Full time
Desired job locations: BUCURESTI
Mobility: Only abroad
Willing to travel: Up to 50% of my working time
Experience
Experience by domains:
IT / Telecom Software / Programming - 8 years
Senior IT Security Consultant (Full time)
Period: 2012-05 <> present
Company and location: KPMG ROMANIA SRL, BUCURESTI
Job domain / occupation: Software / Programming
Web Application Security Specialist (Strong knowledge in PHP language and PHP
internals)
Network Penetration Testing and exploitation.
OSCP (Offensive Security Certified Professional, OSCE is next)
OWASP top 10 follower.
Modifying exploits in ruby/perl/python.
Performed manual/automatic pentesting for web applications, internal pen-testing
and mobile applications.
Created a patch for beef which allows proxying on a ssl hooked domain (basicaly
sslstrip functionality)
Created an action script POC for sending requests crossdomain where
crossdomain.xml allows it (started from MalaRia Proxy project)
Basic reverse engineering on malware.
Research on php internals and php security (MOPS 2007 & MOPS 2010).
-used tools like Burp suite, w3af, arachni, Appscan together with manual checks.
Now I'm studying reverse engineering, writing exploits for the windows platform and
also php exploits from MOPB by Steffan Esser.
-pentesting mobile applications, especially android apps, modifying smali code.
-DEFCAMP 2012 Speaker "On PHP Random numbers"
-keeping up to date with the latest news from conferences around the world, blogs,
twitter etc.
ps: i have started to learn the german language (using duolingo.com and
german.about.com)but i am a beginner so i would prefer the interview to be in
english.
Sr. Web Developer at PRO TV(CME) (Full time)
Period: 2008-03 <> 2012-05
Company and location: PRO TV SA, BUCURESTI
www.BestJobs.ro - Cel mai popul ar servi ci u de recrutare onl i ne di n Romani a!
Job domain / occupation: Software / Programming
- developer, Architect, Security guy.
- co Team-leader since Dec 2010
- i have developed/optimized/secured the following high traffic websites (250-300K
unique visitors daily each):
www.stirileprotv.ro
www.protv.ro
www.sport.ro
etc
- scanning our websites for bugs, did code reviews and worked together with the
sysadmins in case of incidents (used Acunetix, w3af, wpscan etc).
- contributed with patches to WPscan/bug fixing.
- project manager in Slovenia to facilitate the migration to the common 'cme-cms'
platform
- various patches in Zend Frameowork.
- modules developed: Agreggator class for css/js, 2nd level cache system,
extending Zend's Model, Request(with Sanitization), Controller etc
-RE some exploits packs like Phoenix and Eleonore
(javascript/php/java etc).
-small patches to OWTF/bug fixing
-digging trough code of open source projects like sqlmap, metasploit, whatweb,
w3af, nessus plugins(nasl language) etc.
- mentoring team members on coding best practices and security problems.
Senior Web Developer (Full time)
Period: 2007-03 <> 2008-01
Company and location: LIBRA BANK, BUCURESTI
Job domain / occupation: Software / Programming
PHP/Mysql/Javascript Developer:
Websites:
www.librabank.ro
www.internetbanking.ro
www.paginamedicala.ro
-intranet application to ease the work-flow of the Sales Team
Cms used: Drupal
Template System: Smarty
Web developer and SysAdmin (Full time)
Period: 2004-09 <> 2007-03
Company and location: Two Rasty SRL, BUCURESTI
Job domain / occupation: Software / Programming
-this company created the first payment processor in Romania,
www.leuvirtual.ro(unfortunately the company went bankrupt and you won't find
these websites online)
-here i started working and learning about the Security field, XSS, Sql Injection,
logical bugs etc, because we were building an aplication which used real money
and we had to be very careful.
www.leuvirtual.ro
www.smith.com.ro
www.bidding.ro
www.smith.com.ro
www.lionexchange.net
-sysadmin job, managing servers like apache, mysql, ftp, dns,iptables etc.
-optimizations on apache and mysql.
www.BestJobs.ro - Cel mai popul ar servi ci u de recrutare onl i ne di n Romani a!
Education
University (graduate)
Dimitrie Cantemir University, Finance, Banks and Economics (2006 - 2009),
BUCURESTI
Major: Banks Finances
University (graduate)
Politehnica University, (2003 - 2005), BUCURESTI
Major: Computer Science
Skills
Programming languages
php 5/c/c++/asm/Java
PDF format Javascript for Adobe Acrobat
RDBMS:
Mysql,Mssql,Pgsql
N0-SQL
Redis,Mongodb
Scripting languages:
python, ruby, rails, perl, bash scripting, nasl
Foreign languages
English - Advanced
Competencies
Hobbies
ZFCE certified
http://www.zend.com/store/education/certification/yellow-pages.php#show-
ClientCandidateID=ZEND010805
Books i've read:
Extending and Embedding PHP
Sql Injections Attacks and Defense
The Web Application Hacker's Handbook 1&2
The shellcoder's handbook
Gray Hat Hacking 3rd Edition
etc.
www.BestJobs.ro - Cel mai popul ar servi ci u de recrutare onl i ne di n Romani a!