Cyber Security Consultant with a background in Systems Engineering
Experienced in Infrastructure Penetration testing / Red Team Operations and Threat hunting.
The Guy who loves breaking networks
I Love Popping shells, Escalating privileges, and Wandering inside Networks.
Specialized in Advanced Active Directory Attacks, from Generating Custom Macro Payloads and Other Advanced techniques for Initial access, through Lateral Movement, to Domain Controller pwnage.
Popped "NT Authority" / "root" shell in no time at Various projects.
- In-depth command of Python3 and the internals of OSs (Windows / Linux).
- Strong Hands-on with ELK Stack in various Threat Hunting projects. (Deployment / Analysis) (Security Onion, HELK).
I frequently participate in Global Online CTFs and hold a Pro Hacker rank on the renowned CTF platform HackTheBox.
https://app.hackthebox.eu/profile/15981
Open to work (relocation or Remote)
Areas of interest:
- Red Teaming
- Binary Exploitation
- Reverse Engineering
- Threat Hunting
- Memory Forensics
- Red Team Engagements.
- Infrastructure Vulnerability Assessments and Penetration tests (internal/external)
- Web Application Penetration tests.
- VAPT, Compromise Assessment and InfoSec Project handling.
- Team management
- Securing an organization’s critical infrastructure
- Report Development

- Infrastructure Penetration tests (internal / external) and internal Red Team Engagements.
- Vulnerability Assessments using commercial-grade tools (Nessus, Nexpose, Acunetix, Netsparker)
- Penetration tests of Azure and AWS-based applications. (Cloud)
- Vulnerability assessment in OT (Industrial Control Systems) Environments using commercial-grade tools (Nozomi Guardian) and review of results. Collaborate with client’s staff to rank vulnerabilities, validate high-risk vulnerabilities on specific targets. Develop a remediation action plan.
- Report writing
- Customized Macro payloads for phishing, Deployed and managed C2 Frameworks (Covenant, Faction, Cobalt Strike). Lateral movements to DC compromise
- Threat Hunting, advanced network and host analysis in the event of a compromise.
- Used ELK stack (Log Analysis) and deep memory forensics to identify threats, determine root cause, scope, and severity of each and compile/report findings into a finished analytical product.
- Identify potential security exposures that may currently exist or may pose a potential future threat to the client’s networks and applications
• Conduct network, web and mobile application security vulnerability assessments (review designs, perform pen tests, code review, and security checks) through the use of scanning tools and manual checks, and notify the appropriate team to take necessary action.
• Assist with application security penetration testing activities, including scheduling, resources, tool execution, and reporting.
• Identify potential security exposures that may currently exist or may pose a potential future threat to client’s networks and applications.
• Support Development Teams, Architects and Security teams to periodically review the application code and be able to define the security posture of applications and back-end systems
• Layer 7 Firewall Management
• SSL/TLS, HTTPS, Security Management
• Cloud based Endpoint Device management
• Citrix Xen Server Administration
Install, configure, maintain, and support
Manage servers with multiple OSs, including provisioning, monitoring and upgrades.
Deploy and manage virtual servers, including server provisioning, upgrading, monitoring, maintaining, performance optimization.