About

Emanuel Durmaz

IT-Security Expert & Software Developer

Work Experience

present07/2019

Cyber Security Analyst

Evonik Industries AG Essen, Germany

Working in the Cyber Defense Team (CERT & SoC)

Analysis and investigation of IT security incidents (Incident Response)
Forensic analysis in relation to malware analysis
Execution and coordination of internal / external pentests
Product evaluation and consulting with regard to security aspects
Development via CI/CD of python libraries, integrations and automations for the SOAR platform.

03/201909/2018

Masterstudent

G DATA CyberDefense AG Bochum, Germany

As a master student in the Proactive Client Technologies team

Development of proactive protection solutions for Windows (e.g. based on filesystem minifilter drivers)
Development of a sandbox-based analysis system for automated malware Analysis

09/201810/2016

Working student

G DATA CyberDefense AG Bochum, Germany

Working in the Automated Threat Analysis team (within the R&D / Protection Technologies department).

Continued development of the DGA project
Manual web analysis for malicious behavior
Development of microservices for automated malware analysis projects

Joining the Proactive Client Technologies team from 01/2018.

Manual malware analysis with debugger and disassembler
Creating YARA signatures based on memory dumps

09/201606/2016

Intern

G DATA CyberDefense AG Bochum, Germany

Working in the Automated Threat Analysis team (within the R&D / Protection Technologies department).

Development of a framework for DGA Detection and Classification (Domain Generation Algorithm) with the purpose to improve the results of automated malware analysis.
Used to detect and classify DGA-based malware.
More info can be found in the G DATA Advanced Analytics Blog)

Education

03/201904/2017

M. Sc. in IT-Security / Information Technology

Ruhr-University Bochum Bochum, Germany

Focus: Operating Systems Security & Program Analysis
Thesis: Analyzing and Counteracting Cryptocurrency-related Malware Threats with Software-based Protection

03/201710/2012

B. Sc. in IT-Security / Information Technology

Ruhr-University Bochum Bochum, Germany

Focus: Web-, Network- & Data-Security
Thesis: Security Analysis of Private Cloud Interfaces of oVirt (RedHat)

00/201200/2003

General Qualification for University Entrance

Haranni-Gymnasium Herne, Germany

Miscellaneous

20192017

Deutschlandstipendium (National Scholarship Programme)

Ruhr-University Bochum Bochum, Germany

2017

Award and Presentation @ ITS|KRITIS Conference - VeSiKi for Students,

ITS|KRITIS Berlin, Germany

More info here and here.

2015

usd Hackerday

usd AG Bochum, Germany

Qualified for the usd Hackerday by solving hacking challenges. In this workshop, vulnerable systems were to be discovered, analyzed and attacked.

Programming Languages

Advanced: C#, C/C++, Assembler (x86), Java, Python, LaTeX

Basic: Assembler (AVR Atmega 8, ARM, x64), SQL, PHP, XML (Xpath, XSLT, Schema), JavaScript, HTML5, CSS, YARA, Shell Scripting (Linux), Gremlin, RegEx

IT Knowledge & Skills

Advanced: SOAR (Demisto / XSOAR), WWW-Concepts (HTTP, DNS, REST, RPC, AJAX, etc.), Network & Data Security, Cryptographical Algorithms & Protocols, Webservice Security, Penetrationtesting (SQLi, XSS, RCE, etc. / Metasploit / BurpSuite / nmap) Proof of Concept, Malware Analysis, Operating System Security, Exploit Development (e.g. Buffer Overflows via Ret2Libc / ROP-Chains), Software Reverse- Engineering (GNU Debugger, OllyDbg / ImmunityDebugger, WinDbg, DnSpy, IDA Pro), Privacy & Anonymity (Whonix/TOR Project), TCP/IP, Virtualization & Cloud Computing (oVirt IaaS Cloud, VirtualBox, QEMU, KVM), Cryptocurrencies (Bitcoin, Ethereum), Web Automation (Selenium Webdriver + PhantomJS), Traffic Analysis & Interception (Wireshark, Fiddler, MitmDump, Scapy)

Basic: Digital Forensics, Web Development, Debugging (GDB), SEO, Unit Testing, Machine Learning, Windows-API, Computer Vision & Image Processing, Message Oriented Middleware (RabbitMQ), Database-Systems (MySQL / PostgreSQL / HSQLDB / Redis), CMS (Joomla, Wordpress), Git, GitLab, Azure DevOps, MS PowerPoint, Rancher, Kubernetes, Atlassian-Stack (JIRA, BitBucket, Bamboo, Confluence), Sysmon, Docker (Network, Stack)

Contact Info

Work Experience

Education

Miscellaneous