Skip to content

$ whoami

Israel
Fernandez

Systems Software Engineer

Nine years writing systems software: embedded firmware, Linux kernel drivers, and computer vision on custom ARM hardware. Now I reverse-engineer Android binaries and build offensive tooling, because the most interesting bug is the one nobody knew was there.

// currently: Apple silicon by day, Android security research after hours

See projects Read my writing

01 / ABOUT

Background

I'm moving into Android security and red teaming: the same instinct that drove the systems work, now pointed at where systems break instead of how they run. If it's low-level, I want to understand it well enough to take it apart.

I shipped my first Linux kernel module in 2018 and have worked low in the stack ever since: embedded firmware, kernel drivers, real-time computer vision on custom ARM hardware. Bootloader to user-space, hardware bring-up to field deployment. You can't reliably break a system you don't already know how to build.

Today I'm at Apple (contract via Sasken Technologies) on hardware and firmware integration. Before that, eight years at Gantz-Mountain, a defense AI startup in Monterey building low-level systems on custom embedded hardware.

After Gantz-Mountain I finished my B.S. at CSUMB (graduated with honors, May 2025), took cybersecurity coursework, and went deep on offensive security: building a C2 framework from scratch, working through Android internals with Frida, and preparing for a full-time move into red teaming.

// WHAT I'M GOOD FOR

  • Linux kernel & driver dev
  • ARM / embedded firmware
  • Android reverse engineering
  • Low-level network protocols
Open to work

Looking for red team / offensive security roles, full-time. Email me at israelfernandez96@gmail.com.

Location
California, USA
Education
B.S. Computer Science, CSUMB

02 / SKILLS

Toolkit

// grouped by depth, not a star rating

Systems & Embedded

Where nine years went. Production firmware, kernel work, real-time.

  • C / C++ Core
  • Embedded Systems Core
  • Linux Kernel Core
  • ARM Assembly Core
  • RTOS / FreeRTOS Core
  • Device Drivers Core

Security & Offensive

The pivot. Newest skills, growing fastest.

  • C2 / RAT design Working
  • Network protocols Working
  • Android app analysis Building
  • Reverse Engineering Building
  • Frida / Objection Building
  • IDA / Ghidra Building

Languages & Tools

What I reach for outside deep-systems work: automation, web, tooling.

  • Python Core
  • Bash / Shell Core
  • Git / GitHub Core
  • TypeScript Working
  • Docker Working
  • SvelteKit Working

03 / EXPERIENCE

Track record

Independent Security Research

Research
Self-directed 2024 – Present Remote

The pivot, made concrete. Started during the final year of my B.S., building offensive tooling and working through kernel and Android internals from an attacker's point of view.

  • Built BeaconUI, a 3-transport educational C2 framework (raw TCP, mTLS HTTPS, beacon/callback) with a Python and C implant and a Svelte operator dashboard
  • Working through OWASP MASVS / MASTG; Frida instrumentation against deliberately vulnerable Android targets
  • Long-form writeups on protocol design, exploit reasoning, and tooling decisions

stack: Python · C · Frida · mTLS · SQLite · Svelte 5

Hardware Systems Software Engineer

Contract
Apple via Sasken Technologies 2025 – Present Cupertino, CA

System-level software, automation, and diagnostics across hardware platforms. Deep-stack integration work that keeps the systems knowledge current while the security side ramps.

  • Built and maintained internal diagnostic + automation tooling used across hardware platforms
  • Drove low-level bug triage with firmware and hardware teams
  • Software and firmware integration on Apple silicon: bring-up support, validation, regression analysis

stack: C · C++ · Python · Linux · Shell

Systems Software Engineer

Full-time
Gantz-Mountain Intelligence Automation Systems 2016 – 2024 Monterey, CA

Eight years at a defense AI startup, where the foundation got built: bare-metal firmware, kernel drivers, BSP customization, and real-time computer vision on custom embedded ARM hardware.

  • Redesigned the algorithm and memory layout to raise computer-vision throughput 40%
  • Diagnosed a thermal regression with the EE team, cutting cooling cost 20%
  • Linux kernel driver development and BSP customization for custom ARM platforms
  • Mentored interns porting CV algorithms from MATLAB to C
  • Hardware-in-the-loop testing and low-level networking for field deployments

stack: C · C++ · Linux · ARM · MATLAB · Lua

04 / PROJECTS

Selected work

Personal projects I'd actually point a hiring manager at. Each links to its source, or says when it's private.

Now building

BeaconUI

Beacon-model C2 with dual Python/C implants (~29 task types each), mTLS transport, AES-256-GCM encryption, a Svelte operator dashboard, and a from-scratch shellcode stager. I built it to understand modern C2 architecture at every layer.

Educational / authorized targets only · source on request
PythonCSvelte 5mTLSSQLitelibcurl
writeup

// top features

  • Dual-language implant: 29 task types in Python, 28 in C (from scratch)
  • Cross-platform C implant: Linux, macOS, Windows
  • mTLS transport + HMAC-SHA256-derived endpoints
  • AES-256-GCM application-layer encryption toggle
  • Persistent PTY shell, SOCKS5 proxy, shellcode stager
  • HTML smuggling dropper with XOR obfuscation
  • SQLite persistence (WAL), SSE live dashboard
  • 490 tests (unit + integration + Playwright E2E)

Offensive Security Bootcamp Portal

Local labs only · source on request

A searchable SvelteKit portal for a Markdown-first offensive security curriculum: modules, CTF prep, labs, Android material, progress tracking, and review paths.

SvelteKitTypeScriptMarkdownSecurity Education

CDN from First Principles

A toy content delivery network with edge caching, origin pull, RFC 7234 cache validation, and geographic routing. I built it to understand CDN internals without leaning on libraries.

PythonHTTPDNSCaching
source

Recursive DNS Resolver

An iterative resolver written against the RFC 1035 wire format, no library shortcuts. It walks roots to TLDs to authoritative servers, handles A/AAAA/MX/CNAME, and retries on truncation.

PythonDNSUDPNetworking
source

Home Security Dashboard

A local-only console for home cameras and sensors with real-time alerts and a plain web interface. Self-hosted, no cloud round-trip.

SvelteKitTypeScriptWebSocketsIoT
source
More on GitHub

05 / CONTACT

Get in touch

Open to offensive security and red team roles, full-time. Also up for systems, embedded, or anything low-level.

// usually reply within 48h

Email me
iFernandez96 ifernandez96

Built with SvelteKit + Tailwind · © 2026 Israel Fernandez

View source