More than 10 years of experience in the cyber security domain, with proven practical experience in threat hunting, Google Dorking, open-source intelligence, threat modelling, security code review, penetration testing (web/mobile) and implementing cyber security best practices in organizations.
Proficient in threat hunting and threat modelling using the MITRE ATT&CK, STRIDE, PASTA and OWASP Threat Dragon frameworks, mapping TTPs and developing a heatmap.
Experience using Python Boto3, AWS responder, libcloudforensics, AWS Step Functions, AWS Lambda, CSP header verification using Python scripts and Canary tokens.
Hands-on experience in malware analysis through sandboxing techniques.
Experienced in analyzing registry keys, event codes, and network telemetry logs.
Capable of network traffic dumping and pcap analysis with tcpdump and NetworkMiner.
Hands-on experience in malware analysis, specializing in Android (Java) malware, reverse engineering, code obfuscation and static analysis.
Familiar with fileless malware detection and other persistence techniques.
Proficient in browser extension and double file extension analysis.
Utilize threat analysis reports from Red Canary, CrowdStrike, and Palo Alto Networks for reconnaissance.
Proficient with CTI methodologies including analysis through frameworks such as the Pyramid of Pain, Diamond Model, and Cyber Kill Chain.
Capable of ensuring a strong emphasis on security across web, thick-client, API, mobile (iOS & Android), Kubernetes, container and cloud-hosted services (AWS/Azure).
Experienced in handling F5 products (BIG-IP Next, F5OS, SPK), BIG-IP, NGINX core and NGINX Plus.
Strong technical experience in implementing cybersecurity methodologies and standards such as NIST, OSSTMM, OWASP ASVS/MASVS, SANS and MITRE ATT&CK, with expertise in identifying application weaknesses, attack vectors, exploitation techniques and countermeasures.
Well versed in TCP/IP, packet analysis (pcap), protocol analysis, WebSockets, endpoint analysis, network forensics, and the OAuth 2.0, OpenID Connect and SAML identity protocols.
Implemented secure coding practices that reduced vulnerabilities; proficient in tools such as Fortify and SecureCodeBox.
Extensive experience using fuzzing tools such as DirBuster and FFUF.
Hands-on programming skills in Java, JavaScript and Python.
Areas of expertise: digital forensics, threat hunting, automation with Python scripting.
Certified GIAC Mobile Device Security and Ethical Hacker (GMOB).
EC-Council Certified Secure Programmer (ECSP) and Certified Ethical Hacker (CEH).
Successfully completed the "Advanced Infrastructure Security Assessment" course at the Null conference in 2022.
Successfully completed the "Breaking and Owning Applications and Servers on AWS and Azure" course at the Null conference in 2019.
Developed security policies, ensuring compliance and smooth application delivery.
Good at using governance tools such as JIRA and Confluence.
Web & Mobile Application:
Checkmarx, Fortify, SecureCodeBox, SonarQube, Burp Suite (Pro & Free), Fiddler, OWASP ZAP, Paros Proxy, W3af, Echo Mirage, Snallygaster, PenCrawler, Hackbox, Galileo, FFUF, InfectionMonkey, Drozer, MobSF, Jadx, JD-GUI, Santoku, AndroidTamer, Adhrit, Reverse APK, Clutch, Rp++, Frida/Objection, Needle Framework, iFunbox, RastiCrac, Otool, Class-dump, iLEAPP, ALEAPP.
Threat Hunting and Telemetry Analysis:
Tcpdump, Wireshark, MITRE ATT&CK (TTPs), Mimikatz, Scapy, PyShark, NetworkMiner, Zeek, Splunk, Sysmon, Snort, Wazuh, Elasticsearch (ELK), Suricata.
Web Services & Network Assessment:
WSSAT 2.0, Astra, Postman, SoapUI, API Fuzzer, Nmap, Nessus, Kali Linux, Metasploit, Crunch, Cain.
Cloud & Containers, Threat Modelling:
AWS Inspect, S3 Inspect, Bucket Finder, Guard, Clair, Anchore, Trivy, STRIDE, DREAD, Microsoft Threat Modelling Tool.
Client satisfaction and quality of work are my top priorities.
I'm a problem solver and I'm glad to help you with any task you have on your website.
Regards,
Sandeep T