Wanderley Caloni

Email:[email protected]
Tel: (11) 98438-5306
São Paulo – SP
Last Update: Apr/2014
Purpose
Hardcore C++ System Developer
Qualifications Summary
Windows platform system developer with 14 years of experience (11 years in Information Security, 3
years in Financial Trading Systems).
Previous Jobs
2011 – 2014 UOL/Diveo Broker
Financial Markets Developer (Risk Analysis)
2008 – 2011 SCUA Information Security
System Developer and Project Coordinator
2005 – 2008 Open Communications Security
System Developer and Threats Analyst
2000 – 2005 SCUA Segurança da Informação
User Interface Developer and System Developer
Education
BS – CS (Network Architecture specialist) – Veris Educacional – 2008
English: Intermediate
Russian: Beginner
Skills and Capacitation
C++ Programming (Pro) - 15 years
Windows system development (Pro) - 14 years
Projects coordination (Good) - 6 months
Team participation and communication skills (Great)
Fourteen years of experience developing for Windows operating systems in information security
companies and, for three years, in a financial market startup; great team relationships; problem solving
using systemic vision, strong debugging skills, knowledge base maintenance, schedules and
people coordination.
Achievements
Co-founder of the C++ Brazil Group with Rodrigo Strauss in 2004, which has ever since improved
communication and information networking for all C++ developers in the country.
Microsoft Visual C++ MVP (Most Valuable Professional) since 2013, a title awarded to
"exceptional, independent community leaders who share their passion, technical expertise, and real-world knowledge of Microsoft products with others".
Technical Record
Risk Analysis System in EMS/OMS
Communication library using Google Protocol Buffers for Financial Market System.
Software and hardware inventory
Clipboard and PrintScreen protection using windows hooks and global messages manipulation
Driver writing system event log
DeviceIoControl user/kernel communication
Desktop remote control using VNC technique
PsExec-like (SysInternals) remote execution tool
Print control using regex (Boost) and shell hook
Access policy management during user logon/logoff (registry and hooks)
Database migration CTree -> SQL (OLE classes)
Windows authentication using custom GINA and DCOM; Credential Provider (Vista)
CTree database synchronization using custom DCOM service
Bootable Linux CD with bash scripts and disk cryptography tools using C language
Hard disk encryption and PenDrive (USB) storage control
Blue Screen analysis using memory dumps and WinDbg live (Gflags)
System account execution using custom COM service
MBR (Master Boot Record) customization library
Blowfish/SHA-1 encryption library using C++ and 16-bit Assembly
Log access driver using shared memory between user and kernel mode
Kernel mode API hook for 9X and NT platforms
16-bit Assembly loader; debugging using debug.com tool
Executable protection using embedded domain authentication recorded inside file resources
Internet Explorer 6/7 and Firefox 1/2 browsing protection using 32-bit Assembly code injection
Code, strings and execution protection library (using Win32 interruptions)
Centralized log generation library using shared memory and global events
Internet Explorer 6/7 BHO (Browser Helper Object) and ActiveX; Mozilla/Firefox XPI plugin
Projects management using Source Safe, Bazaar and Batch (Win) scripts
Kernel mode debugging using SoftIce and WinDbg for NT platform, SoftIce and WDeb98 for 9X platform
Trojans reverse engineering (C++, Visual Basic, Delphi) using WinDbg and IDA
Diagnostic tool listing files, services, drivers, registry, disk partitions, processes, etc.
Job monitoring in Win2000+ for installation and update control
Application use monitoring using noninvasive and invasive windows hooks
Houaiss reverse engineering and Babylon importation (dictionaries)
Build control with Cruise Control .NET, symbol server with Debugging Tools
Projects documentation using Doxygen and Wiki (Trac)
Management interfaces using C++ Builder 5/6 and Visual C++ custom libraries
E-mails analyzer using regular expressions (ATL classes)
Configuration interfaces using Visual C++ (MFC /ATL/WTL)
Project and tracing analysis using regular expressions (Vim and Grep)
Articles development using technical blog and Code Project community.
Financial Risk Analysis and Risk System development.
Lectures
CPP ISO Threads (C++ Meeting 2008)
Portability Tips and Tricks (C++ Seminary 2008)
Crash Dump Analysis (C++ Meeting 2010)
Use Case: Reverse Engineering using WinDbg (TDC 2011 and II Composium Unifei Itajubá)
RValue is the new LValue (C++ Meeting 2011)
Emergency Patch (TDC 2012)
Articles
Debugging and WinDbg:
Antidebug: exception-based interpretation (part 2)
Debugging the BIOS with 16-bit SoftIce
Loading arbitrary DLLs through WinDbg (part 2)
Analyzing dumps with WinDbg and IDA
How to find the source code without symbols
Debugging until the last second
Importing types from other projects
Tools and Languages:
RmThread - Code execution in Another Process Context
Function Overload by Return
The mobility of variables in printf
Databases in C++ Builder
Basics of the basics: assembly
Deconstructing obfuscated code
Houaiss on the Kindle
What happens inside the sizeof operator
Common WinDbg problems and their solutions
Operating System and Reverse Engineering:
Windows Jobs with Completion Port
How PsExec works
How to run anything as a service (English)
Reverse engineering Houaiss
Debugging the MBR
Detecting global hooks in WinDbg
Finding the Flash Pops answers
Reverse engineering for beginners
GINA x Credential Provider
API hooking in WinDbg (COM)
Booting Windows: kernel, NTLDR, pre-NTLDR and without Windows