Sep 03, 2024 | Pentesting
Understanding Footprinting and Reconnaissance
Footprinting and Reconnaissance
CTF EVENT
CYBER SECURITY AWARDS
YEARS OF EXPERIENCE
PROJECT COMPLETED
01 - SKILLS
Python
Bash
Back-End Stack
Front-End Stack
DEC 2023-MAY 2023
Focusing on HTML, CSS, and JavaScript refined my web development skills. This expertise is invaluable in my cybersecurity career, enhancing my ability to identify and address web application vulnerabilities.
AUG 2024-CURRENT
I am specializing in cybersecurity, focusing on protecting systems and networks. My studies include network security, ethical hacking, and threat analysis, equipping me to secure digital environments and address emerging threats.
JAN 2022-AUG 2023
As a cybersecurity instructor, I offer tailored training to empower learners with essential security skills. My aim is to equip each participant with the knowledge and tools needed to effectively protect against and manage cybersecurity threats.
MAY 2024
I identified several vulnerabilities, including Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), SQL Injection, Insecure Direct Object References (IDOR) Sensitive Information Exposure, lack of Input Validation etc
Dec 2023 - present (Intermittent)
Completed various cybersecurity modules on TryHackMe, including penetration testing, network security, and ethical hacking. Gained hands-on experience, identified vulnerabilities, and earned certifications and badges.
Oct 2024 - Nov 2024
I gained hands-on experience in network and web application security. My work included threat analysis, configuring basic network security measures, and identifying web application vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), Broken Authentication, and Security Misconfiguration. I utilized tools like Wireshark and OWASP ZAP, burpsuit, enhancing my technical skills and deepening my understanding of cybersecurity best practices.
Nov 2024 - Dec 2024
Engaged in penetration testing projects, identifying advanced vulnerabilities like SSRF and insecure deserialization. Conducted Active Directory analysis with BloodHound, demonstrated WAF evasion, and enhanced skills through CTF challenges, documenting findings.
May 2024
threat modeling, vulnerability management, security architecture, cloud security, network design, cryptography, IAM, incident response, penetration testing, SIEM, SOAR, risk management, compliance (HIPAA, PCI-DSS, GDPR) & security governance
Jun 2024
footprinting and reconnaissance techniques, scanning networks, enumeration methods, vulnerability analysis, system hacking procedures, malware threats, sniffing tools and techniques, social engineering tactics, denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks, session hijacking, evasion tactics, hacking web servers, web application security, SQL injection techniques, hacking wireless networks, hacking mobile platforms, cloud computing threats, cryptography essentials, and IoT hacking techniques
Sep 2024
SQL, Threats, risks, and vulnerabilities, Security frameworks and controls, SIEM tools, Linux, Security hardening, Incident Response, Python.
Jul 2024
In the course, I learned to conduct bug bounties and penetration tests effectively. Topics included bug bounty fundamentals, reconnaissance, web and software exploitation, Android exploitation, and reporting vulnerabilities. I explored key tools like Nmap, Burp Suite, and Google Hacking, focusing on ethical hacking techniques such as SQL injection, SSRF, authentication bypass, and XSS. Additionally, I gained skills in Linux management, Nuclei automation, CVE handling, and advanced exploitation tactics.
SPECIALIZED SECURITY ASSESSMENTS
I am proficient in a wide range of tools and methodologies essential for identifying and mitigating security vulnerabilities in web-application
I’m skilled in detecting and addressing security vulnerabilities in network environments. My expertise includes assessing network configurations and traffic to identify and fix potential weaknesses.
I am adept at assessing mobile applications to uncover and resolve security vulnerabilities. My expertise ensures that mobile applications are protected against potential threats, maintaining secure and reliable functionality for users.
I specialize in software penetration testing to identify and fix vulnerabilities. By analyzing coding flaws and misconfigurations, I evaluate functionality and security to ensure applications are protected and follow best practices.
I specialize in using social engineering tools to simulate realistic human-centric attacks. By conducting phishing, pretexting, and other tactics, I assess and enhance an organization’s defenses against human-focused security threats.
I excel in physical security assessments, using various techniques to test access to sensitive areas and evaluate physical security measures, ensuring strong protection for facilities.
TOOLS & TECHNIQUES
TUTORIALS
Nov 01, 2024 | Pentesting
Footprinting and Reconnaissance
READ MORE