Red Team Dev (Intern)

Join us in building an autonomous penetration testing platform that simulates real-world adversaries. You&aposll develop exploit chains, 0-day discovery systems, and evasive payloads that help organizations understand their security posture for cyber insurance and compliance.

• Exploit Automation

  : Multi-stage attack chains from initial access to data exfiltration

• 0-Day Discovery

  : Intelligent fuzzing infrastructure and vulnerability research systems

• Evasion Techniques

  : Polymorphic payloads that bypass modern EDR/AV solutions

• Cloud Attacks

  : AWS/Azure/GCP exploitation modules and container escapes

• Custom C2

  : Covert communication channels and post-exploitation frameworks

• Reporting Engine

  : Auto-generate compliance-ready pentest reports

• Languages

  : Python (expert), C/C++, Go/Rust, Assembly basics

• Web Exploitation

  : OWASP Top 10 (SQLi, XSS, SSRF, Deserialization, SSTI)

• Binary Exploitation

  : Buffer overflows, ROP chains, heap exploitation

• Tools

  : Metasploit, Burp Suite, Cobalt Strike, IDA/Ghidra

• Cloud Security

  : AWS/Azure misconfigs, Docker/K8s attacks

• Evasion

  : AV bypass, sandbox detection, AMSI/ETW patching

• HackTheBox

  : Minimum Pro Hacker rank (50+ owns) - include profile link

• CTF Experience

  : Active participation (picoCTF, DEF CON quals, GoogleCTF)

• GitHub Portfolio

  : Security tools, exploit development, CTF writeups

• Proven Skills

  : CVEs, bug bounties, or published exploits are a huge plus

• TryHackMe Top 5% or PortSwigger Academy completion
• OSCP/OSWE in progress or completed
• pwnable.kr, ROP Emporium, or Nightmare challenges
• Personal security research blog or YouTube channel
• Contributed to open-source security tools

1. Portfolio Review

   : GitHub + HackTheBox profile assessment

2. Take-Home Challenge

   : Design an attack chain for given scenario assignment

• Only used automated scanners
• Can&apost code beyond basic scripts
• No hands-on exploitation experience
• Ethical flexibility

• Built your own tools
• Linux nut
• Discovered real vulnerabilities
• Active security community contributor

This isn&apost a typical security internship running Nessus scans. You&aposll build the platform that makes traditional pentesting obsolete. Your code will simulate real attackers, helping protect thousands of organizations.

We need someone who sees a login page and thinks "SQLi, NoSQLi, LDAP injection, or mass assignment" Someone who gets excited about bypassing protections, not just finding vulns.