Cristei Gabriel-Marian EXPERIENCE

April 2023 - Windows Software Engineer, C/C++/C#

About me Present Venn (venn.com) - DLP Team
I have been programming since 2013. I • Collaborated to create driver to bypass Google Chrome,
am able to find information and pro- Adobe Acrobat, ... sandbox, token and mitigations restric-
cess it by myself, and I have directive tions;
when working. I like, and practice, • Worked on and improved compatibility with Windows user-
space and internals inside the Secure Enclave
thinking outside of the box.
Information – Reverse engineering various parts of the Windows oper-
ating system, including AD (Active Directory) and WAM
 [email protected] (Web Account Manager) integration, finding issues in
 Brazil related Microsoft solutions; Credential Manager (We-
b/Windows Credentials) and reimplemented the en-
 github.com/cristeigabriel tirety of the Windows Cred APIs; Sparse Packages –
providing UWP identity to legacy Windows applications;
 linkedin.com/in/cristeigabriel Context Menu Handlers, reverse engineering Windows
 Available full-time 10 (HMENU) and Windows 11 (XAML) context menu
handler implementation into the system; UWP – appli-
Languages cation activation, isolation and basic support; and many
English - Professional Knowledge more;
– Reverse engineering various user-mode business applica-
Romanian - Native Language tions from Microsoft (Office Suite, Teams, etc...); Adobe
Technologies (Acrobat, etc...); Bloomberg; Box (Box Edit, ...); Zoom;
Google Chrome – and addins/plugins for them.
Git, Windows, COM, WinRT, WPF,
• Investigated and solved issues based on crash logs and crash
WinDbg, Minidumps+DbgHelp, dumps in driver, hooks, service, ...;
Sysinternals, Linux, • Improved and generalized testing in our hooks solution, al-
CMake, LLVM, gdb, Frida, lowing easier debugging of hooks in live at unit level, reduc-
IDA(6.8/7.0/7.2/7.5/...), ing the amount of time spent on testing and debugging;
nasm, SDL[7] , X11[7] , DirectX, • Offered guidance and help on-boarding to new team mem-
bers.
vcpkg, cargo, Node+NPM[8] , Node
bindings (C++/Rust with Neon) Oct. 2021 - Founder, C/C++/Lua/JS
Programming Languages March 2023 Aventum (formerly aventum.tk, defunct)
Served software to 500 customers;
• C, C++
• C# • General purpose programming
• Rust – Automated and optimized processes for dynamic fea-
• Lua tures;
• Python – Implemented software <-> external platform chat sup-
• JavaScript port, with text translation integration, media support in
a technically constrained environment;
• PHP
– Developed and documented[¹] a rich scripting API;
References • Systems programming
[1]: api.aventum.tk
github.com/cavalcade-cc/lua-docs – Multi threading; smart memory scanning[²], deploy-
[2]: github.com/cristeigabriel/memscan ing Minidump crash handler using Vectorized Exception
[3]: github.com/microsoft/STL Handler to allow helpful crash reports.
[4]: github.com/microsoft/onnxruntime • Reverse engineered target software platform;
[5]: github.com/cristeigabriel/STB • Developed fully featured user interface toolkit
[6]: github.com/TeamSCALEFORM/scaleform
[7]: github.com/cristeigabriel/zoomer
[8]: github.com/cristeigabriel/speechbubbler CONTRIBUTIONS
[9]: github.com/microsoft/STL/pull/2436
On GitHub, contributed to: STL[³] (implemented 2 LWG pro-
[10]: github.com/cristeigabriel/ALPCLogger
Microsoft posed changes: 3591, 3592), implemented new diagnostics[⁹]
Related from own proposition, onnxruntime[⁴] (synchronized server
- While interviewing with Apple, I found a bug endianness check code with client), and more;
in Swift for Windows, and fixed it using WinDbg On DevCom and other official mediums, reported MSVC com-
script;
piler bugs (compile-time bugs, macro bugs, infinite loop bug),
- Link: bit.ly/42cH72b
and Visual Studio bugs;
- Discovered bug in 32-bit PowerShell on
On GitHub, released a fork of zodiacon’s ALPCLogger¹⁰ with
Windows and fixed it using Frida;
- Link: bit.ly/4hzgRog threaded event debug stacktrace searcher and module name in
Personal
stackframes, libraries such as memscan[²] (C/C++ smart mem-
-Educational, massively parallel, lock-free ory scanning API), STB[⁵] (modern C++ IDA-style pattern string
threadpool, tested with 200 threads per
to byte array conversion, at compile-time), game mods such
core, 200 workers per thread, and more
configurations. as TeamSCALEFORM/scaleform[⁶] which has gathered an user-
- Link: github.com/cristeigabriel/threadpool.c base of over hundreds of people, etc.