Here are a few things I've done!
Work
Security Intern, Synopsys May '22 - August '22
- Performed network penetration testing on a financial company's internal infrastructure, manually with tools like Nmap, ldapsearch and Responder, and with Nessus for automated testing. Assisted in report writing for the vulnerabilities found.
- Scanned for vulnerabilities on a web application by performing manual testing methods based on the OWASP checklist and automated testing using Netsparker & Burp Suite Pro. Triaged the scan results and found a DNS exfiltration vulnerability.
- Ranked 1st out of 110 participants in the internal hacking competition and presented a walkthrough to Consultants and Interns.
- Contributed to the HTB Business CTF 2022 by finding a null byte vulnerability (Ranked 26th/326).
- Deployed a Jenkins pipeline to integrate various tools (TruffleHog, OWASP dependency checker, SonarQube, OWASP ZAP) in the build process to secure the application with DevSecOps.
- Encrypted S3 buckets using KMS with key rotation and set up CloudTrail to log all data events for the S3 bucket. Set up the AWS secrets engine in HashiCorp Vault on an EC2 instance to manage keys. Configured Amazon GuardDuty and Lambda to update the AWS WAF WebACLs and VPC Network ACLs in response to GuardDuty findings and alarm with AWS SNS.
New York University
Course Assistant, Operational Technology Security Sept '22 - Dec '22
- Graded assignments based on MATLAB and CODESYS and provided feedback to students for better conceptual understanding.
Course Assistant, Network Security Oct '21 - Dec '21
- Graded assignments based on Wireshark and mitmproxy and provided feedback to students for better conceptual understanding.
Cyber Fellow, Offensive Security, Incident Response, and Internet Security Lab (OSIRIS Lab)
- Monitored the 18th Annual CSAW '21 Capture the Flag competition hosted by OSIRIS and participated in by 1200+ teams.
- Ranked in the top 8% out of 1550+ players by completing OSIRIS web-exploitation CTF track.
Intern, LeadLife
- Analyzed and translated user requirements for the web application & its security for the developers & proposed a cost-time estimate.
- Strategized process and workflow changes for streamlining and reduced the site's access time by 20%.
- Content writing and development for go-to-market readiness.