Chris Stahly

01. About me

A bit about me

I'm a reverse engineer and application security specialist. I spend my time understanding how software works at its lowest levels — then figuring out how to break it, protect it, or make it do something it wasn't supposed to.

Over two decades I've worked across the full spectrum of application security: binary analysis, cryptographic architecture, anti-tamper and anti-cheat systems, threat modeling, and security engineering at the director level. I take a consultative approach — understanding what's actually at risk before recommending how to protect it.

• ▸Reverse Engineering
• ▸Cryptography
• ▸Application Security
• ▸Threat Modeling
• ▸Binary Analysis
• ▸Anti-Tamper
• ▸Penetration Testing
• ▸OSCP

Hack The Box

cstahly

Credly

OSCP verified

Offensive Security Certified Professional

Public GitHub

cstahly

Recent commits

02. Work

Selected work

• Mobile Application Protection

  Designed and deployed anti-tamper and anti-reverse engineering protections for high-value mobile applications across fintech, healthcare, and gaming verticals. Binary instrumentation, runtime integrity verification, and cryptographic obfuscation — deployed across hundreds of millions of devices.

  • Binary Analysis
  • Anti-Tamper
  • Cryptography
  • iOS/Android
• Medical Device Security Program

  Built a security engineering program from scratch for a regulated medical device manufacturer — including threat modeling, vulnerability assessment, security code review, and a standardized penetration testing framework with executive-level metrics reporting.

  • Threat Modeling
  • Penetration Testing
  • Risk Assessment
  • SDLC
• Game Anti-Cheat & DRM

  Led professional services engagements applying anti-cheat and DRM protections to desktop and mobile games. Designed protection plans based on threat and risk data, covering anti-debugging, license enforcement, integrity checking, and obfuscation of high-value game assets.

  • Anti-Cheat
  • DRM
  • Reverse Engineering
  • Gaming