Salary: Negotiable
Working Hours: 9 hours/day, 1 day off per week
Age: 21-35 years old
Nationality: No restriction
Location: Dubai
Job Requirements:
- Over 3 years of experience in red team operations, penetration testing, or vulnerability exploitation
- Proficient in webshell evasion, CS payload evasion, and bypassing security products
- Familiar with various C2 platforms, with practical experience in developing C2 for Mac and Windows
- Proficient in at least one programming language (e.g., C++, C#, Java, Python, PHP, Golang), with experience in red team tool development
- Extensive experience in phishing attack design and execution, familiar with common system and web vulnerability exploitation
- OSMR certification is a plus
Job Description:
Responsible for red team operations, focusing on C2 development for Mac and Windows platforms, phishing attack scenario design, and vulnerability exploitation. Utilize cutting-edge offensive and defensive techniques to develop feasible vulnerability exploitation and defense bypass strategies.
Responsibilities:
- Develop and execute penetration testing plans in high-security environments, including asset collection, web vulnerability exploitation, and lateral movement in internal networks
- Develop and optimize C2 tools for Mac and Windows platforms (e.g., Sliver, CobaltStrike, Viper, Manjusaka)
- Research and implement webshell evasion, CS payload evasion techniques, and bypassing security products such as Windows Defender, Kaspersky, and EDR
- Design and implement phishing attack scenarios via email, web pages, and social engineering
- Track the latest security vulnerabilities and APT attack techniques, conduct vulnerability exploitation and white-box code auditing (prefer experience with WordPress, Laravel, Drupal frameworks)
- Develop red team automation tools with a certain architecture design to improve penetration testing efficiency