Post Job Free
Sign in

Penetration Testing, embedded Linux development, intrusion detection

Location:
Arcadia, CA
Posted:
December 11, 2020

Contact this candidate

Resume:

Vishnu Kamaraju

Education

Michigan Technological University, Houghton, MI, 49931 Sept 2018 - Dec 2020

Master of Science in Cybersecurity (3.65 / 4.00 GPA)

Teaching Assistant – Computer Security (4471/5471) Sept 2020 – Dec 2020

Amity University, Noida, India. Aug 2013 - Mar 2017

Bachelor of Science in Computer Science and Engineering (3.15 / 4.00 GPA)

Work Experience

Projects

Skills

Python

C/C++

PowerShell

Bash

SQL

Wireshark

Nmap

OWASP Top 10

Burp Suite

JavaScript

Snort

Suricata

OpenSSL

PHP

SIEM

IDP/IPS Analysis

Debugging

Kibana

Cryptography.

HIPAA

HITRUST

NIST

Arcadia, CA. 91007 ********.*@*****.*** 906-***-**** linkedin.com/in/vishnu-kamaraju-b5056671

Security Analyst Intern

Michigan Health Information Network (MIHIN), East Lansing, MI. 49931 Sept 2019 – Aug 2020

Optimized a python script for alerting of suspicious logins on work computers.

Assisted with web application development and penetration testing.

Participated in the development of phishing attack simulations and fake engagement and documented the results to track the progress.

Worked on security policies and identified risks within the company and created remediation plans.

Performed security assessments using ethical hacking tool like Burp Suite and Nikto.

Assisted with review of security policies and adherence to HIPAA standards

GitHub: https://github.com/vishnucs50?tab=repositories

Gaining remote access through buffer overflow: Optimized a python script that is used for fuzzing every input field of the given application to trigger a crash. Application crashes are identified through immunity debugger. Msf-pattern_create is used to take control of EIP CPU register by overwriting a return address. Exploit payload is included in the buffer prepended by an optional NOP sled. Upon successful execution, reverse-shell session is presented to the attacker.

SQL Injection and Web Application Testing using Burp Suite: The python script enumerates every field of a web app using un-sanitized data input (line-breaks, single quotes etc.) to cause database error. Burp Suite’s repeater tool is then used to capture requests and to enumerate the database. A PHP script is then used to create a payload file that is inserted into the server’s web root using PHP’s INTO OUTFILE function. Upon successful execution of payload, the attacker is presented with reverse-shell session.



Contact this candidate