About Me

Syler Clayton grew up Fairbanks, Alaska. He was home-schooled until he started attending the University of Alaska Fairbanks (UAF) a Center of Academic Excellence in Information Assurance Education (CAE/IA) sponsored by the National Security Agency (NSA),Department of Defense (DoD) and Department of Homeland Security (DHS), at age 16.

In 2014 he received his Masters degree in Computer Science with a Minor in Mathematics at the age of 21. His thesis was “Intelligent Management Platform Interface Protocol Security” which he presented to the University’s Office of Information and Technology and local InfraGuard chapter.

During his studies he worked on several research projects including a Security Audit for a project funded by the DoD. He was also a primary Software Developer for the redesign of the Computer Science Department website and an Administrator for the Remotely Accessible Virtual Environment. During graduate school he was a Manager of eight employees in the Computer Science Lab and acted as a T.A. for various classes.

While attending school Syler held positions in the UAF’s Cyber Security and Association for Computing Machinery clubs. In 2013 he volunteered as White Team for the At-Large Collegiate Cyber Defense Competition (CCDC). In 2014 he played on the Blue Team and was appointed the Windows & Linux Expert title. His team placed first in regionals and went on to place third in National CCDDC out of an original 180 teams. Pivoting into a more offensive role he currently manages the Red Team for the At-Large CCDC (2015-2018) and plays on the Pacific Rim CCDC (2016).

After graduate school Syler worked as a Software Developer/Analyst for a small consluting company Resource Data Inc.

Syler has obtained several professional certifications from the Committee on National Security Systems and Offensive Security:

• Information Systems Security (INFOSEC) Professional (NSTISSI-4011)
• System Administrator (CNSSI-4013)
• Offensive Security Certified Professional (OSCP)
• Offensive Security Certified Expert (OSCE)
• GIAC Security Essentials (GSEC)

Syler likes playing and exploiting video games and embedded devices. He helped reverse engineer the crypto system of the Nintendo 3DS and released a suite of decryption tools. He also helped reverse engineer the Wii U and develop a full chain of exploits to gain initial access to the system. This included WebKit vulnerability hunting, heap grooming, return oriented programming, timing based side channel attacks and exploitation of a race condition in the kernel. He likes to participate in various CTF’s and has helped host the Vegan Zombies CTF at BSidesPDX.

Titles he would use to describe himself: Reverse Engineer, Exploit Developer, Shellcoder, Penetration Tester, System Administrator, Security Architect, Software Developer, Network Administrator, CTF Creator and Player, Hardware Tinkerer, Forensic Analyst, Red Team InfoSec Guru and VR Enthusiast.

Fluent in C, C++, Python, Java, C# and Bash. Experienced with x86, x64, PowerPC, ARM and MIPS assembly. Familiar with JavaScript, Ruby, Perl and various other scripting languages.

Familiarity with tools such as IDA Pro, Immunity Debugger and GDB for performing static and dynamic binary analysis. HP Fortify and Checkmarx for static source code analysis. BurpSuite Pro, HP WebInspect, the Metasploit Framework and various utilities in the Kali Linux distribution.

Experienced finding and exploiting blind SQL injection, XSS, XSRF, Absolute Path Traversal and Command Injection vulnerabilities in web applications.

Experienced rooting/backdooring routers, phones and IoT devices using hardware access points such as UART, JTAG and SPI. Experienced developing 0day exploits for embedded systems through black box reverse engineering techniques and side channel attacks. Experienced bypassing advanced exploit mitigation techniques such as DEP and ASLR. Basic understanding of hardware glitching attacks, information leakage via timing side channels and hardware implant development.

Ethical Hacker. Does not gain unauthorized access to systems without prior written permission. Has home hardware/software lab for conducting research and experimentation.

Security Researcher with over 6 years of professional experience in Reverse Engineering, Exploit Development, Penetration Testing & Software Development. Over 20 years of self-taught programming & hacking experience.

Has experience working as team lead on technical projects with group management, working with project management software, and using agile development techniques. Is self-driven, eager to learn new technologies and strives for continued excellence in all aspects of his work and life.

Interests

Information Security, Reverse Engineering, Exploit Development, Shellcoding, Penetration Testing, System Administration, Security Architecture, Software Development, Network Administration, CTF Hosting and Participation, Hardware Tinkering, Forensic Analysis, Virtual Reality and Machine Learning.