André Lima

Researcher / Red Team specialist

Residence: Oslo, Norway

Researcher, speaker ( Bsides Lisbon 2022 , Bsides Oslo 2022 , 2023 , Sikkerhetsfestivalen 2023, 2024, 2025, TIBER-EU Provider Conference 2024, Bsides Kristiansand 2025 , Vinterkonferansen 2026 , Compliance Seminaret 2026 ) and Red Teamer doing it (pentesting / red team) since 2011. Have worked in Portugal, Australia, and now settling with family in Norway (Oslo). My main areas of expertise are: Malware development for Red Teams, including Windows Kernel Rootkits, as well as bypassing EDRs; Reverse Engineering (WinDbg, IDA, x64dbg); Exploit development (bug hunting with WinDbg+IDA and writing remote exploits using python3); Red Team (cloud infrastructure setup and automation, and payload development and automation in C#/C++/C/assembly); Blackbox fuzzing, with qemu and developing my own emulators in C and Rust.

I mostly enjoy researching, figuring new things out, and publishing content at my blog and YouTube “jump call pop” channel.

Personal Information

• Address: Oslo
• Nationality: Portuguese
• Hobbies: Playing basketball, chess, tennis, and watching Formula 1.

Social Profiles

• Blog: 0x4ndr3.github.io
• Twitter: @0x4ndr3
• LinkedIn: linkedin.com/in/aflima
• Personal website: andrelima.info
• Presentations @ Conferences: github.com/0x4ndr3/Presentations
• YouTube channel: youtube.com/@0x4ndr3
• Exploit-DB Shellcodes: exploit-db.com/shellcodes?author=9244
• Exploit-DB Papers: exploit-db.com/papers?author=10628

Languages

• ★★★★★ English
• ★★★★★ Portuguese
• ★★★ French
• ★★ Spanish

Skills

• ★★★★★ Leadership
• ★★★★★ Communication Skills
• ★★★★★ Research
• ★★★★☆ Fuzzing (blackbox)
• ★★★★★ Maldev
• ★★★★☆ Reverse Engineering
• ★★★★☆ Exploit dev

Work Experience

August 2025 – Present

Red Team Leader at Telenor CyberDefence , Oslo

• Lead Red Team initiatives, ensuring technical quality assurance for all deliveries.
• Mentor team members, fostering career development and enhancing technical skills.
• Develop malware and conduct in-depth research to stay ahead of threats.
• Present findings at international conferences, showcasing expertise in Cybersecurity.

November 2023 – August 2025

Team Leader in Cyber Ops — Senior Manager at Cyber & Digital Risk at Advisense , Oslo

Leading a team of ethical hackers to improve and optimize penetration tests and red team engagements. Also doing research and payload development, focusing on EDR bypasses.

March 2022 – October 2023

Manager in Risk Advisory Services (Red Team Operator) at PwC Norway , Oslo

• Windows Rootkit Development
• Windows malware and C2 development
• Research for AV bypass
• Red Team operation
• Infrastructure automation (terraform, ansible, python3)
• Payload generation automation (Roslyn, LLVM)

June 2017 – December 2021

Senior Penetration Tester at Pure Security / Tesserent (Australia), Melbourne

• Reverse Engineering of Windows applications and internals
• Coordinate Red Team engagements
• Research and tool development
• Penetration Testing
• Physical recon and physical attack deployment

October 2016 – June 2017

Team Leader Pentesting Team at Integrity S.A. (Portugal), Lisbon

• Coordinating team members
• Making sure analysis by different members render the same consistency throughout all clients’ pentests done by the team
• Mentoring junior team members
• Guiding the creation of vulnerability templates for reporting
• Develop scripts (python+bash on github) that assist in guaranteeing consistency and efficiency throughout the pentesting process

January 2011 – June 2017

Penetration Tester at Integrity S.A. (Portugal), Lisbon

November 2010 – January 2011

Internship in Information Security Consulting at Integrity S.A. (Portugal), Lisbon

Education

August 2003 – February 2009

Instituto Superior de Engenharia de Lisboa (ISEL), Lisbon — Undergraduate degree in Computer Science

Final project on monitoring system Nagios: pfc.pdf

Courses

• May 2023 — Hypervisor Development for Security Researchers, Offensivecon 2023
• February 2019 — Windows Kernel Rootkits (by Bruce Dang), Offensivecon 2019
• August 2018 — Fuzzing for Vulnerabilities, Huntress Labs (BlackHat USA 2018)

Speaking Events — Conference Presentations

Complete list and details, including videos/slides can be found here .

• GoToSec 2026 (Internal Telenor Conference)
• Compliance Seminaret 2026
• ISF Vinterkonferansen 2026
• Sikkerhetsfestivalen 2023,2024,2025
• Bsides Kristiansand 2025
• TIBER-EU Provider Conference, Düsseldorf, 2024
• Bsides Oslo 2022, 2023
• Bsides Lisbon 2022
• Sapo Codebits 2014

Certifications

• Offensive Security Exploit Developer (OSED) Certificate online
• eLearnSecurity Certified Reverse Engineer (eCRE) Certificate online
• Offensive Security Certified Professional (OSCP) Certificate online
• x86_64 Assembly Language and Shellcoding on Linux Expert (SLAE64) Certificate online
• ISC2 Associate CISSP — May 2011 – May 2012 Do reach out for validation, please.
• CREST CRT Certificate online
• eLearnSecurity Web Application Penetration Testing Extreme (eWPTX/WAPTX) Certificate online
• Offensive Security Wireless Professional (OSWP) Certificate online