ABHISHEK GUPTA, M.S. CYBER SECURITY
***** ******** ****, *** *, Charlotte, NC 28262-8874 704-***-**** adkc84@r.postjobfree.com https://www.linkedin.com/in/abhishek-muralidhara-gupta/ SUMMARY
• Highly determined to develop my career as a Cyber Security Engineer and strive to achieve success for the organization and myself, thus improving my skills thereby.
• A passionate cybersecurity grad student who discovered a zero-day vulnerability while working on my semester project.
• Team player, team builder, team motivator and compassionate engineer with leadership qualities and problem solving abilities.
• Articulate, accountable, adaptable, committed, honest and a trustworthy individual.
• Currently Pursuing Security+ certification by CompTIA TECHNICAL SKILLS
Programming: Python, C programming
Networking/Network Sniffing: Wireshark, Cisco Packet Tracer Cloud Services: AWS (EC2)
Softwares/Tools/Technologies: Splunk, Burp Suite, Kibana. Penetration testing tools: Nessus, Ettercap, nmap, OWASP ZAP, Snort, netcat, hashcat, cain and able. Operating Systems: Windows 10, Linux (Ubuntu, Fedora, Kali Linux) Virtualization: VMWare Workstation Pro, Oracle VirtualBox Forensics: FTK Imager, Autopsy, HxD Editor
EDUCATION
M.S. Cyber Security, University of North Carolina at Charlotte, 2019 - 2021 GPA: 4.0
– Penetration Testing and Secure Programming
– Network Security
– Competitive Cyber Defense
– Security Analytics
– Computer Forensics
– Enterprise and Infrastructure Protection
– Malware Analysis
– Applied Cryptography
– Computer Communication and Networks
– Principles of Information Security and Privacy
B.E. Electronics and Communication Engineering, VTU, Belgaum, India, 2011 - 2015 GPA: 3.4
– C programming
– Computer Networks
– Network Security
– 8086 Microprocessor and Programming
– Real time Operating Systems
– Embedded Systems
WORK EXPERIENCE
University of North Carolina at Charlotte Charlotte, United States Teaching Assistant Jan 2021 to Present
• Graduate Teaching Assistant for Competitive Cyber Defense ITIS 5246, a graduate level course.
• Mentor 52 students for any queries and problems related to course.
• Developed training materials, assignments, helping other activities like grading, evaluation, etc. Rove Labs Bengaluru,India
Research and Development Engineer Jun 2018-Jul 2019(1 year 2 months)
• A startup involved in academia oriented on IoT and robotics that pulled me towards cybersecurity.
• As an instructor had been a part of the team that has conducted workshops for more than 500 engineering students. ACADEMIC PROJECTS
Configuring, Exploiting and Defending a SmartHome Router Aug 2019 - Dec 2019
• A semester long project, successfully completed in 3 phases throughout the semester. (Network Security, Web Security and Software Security)
• Network security phase emphasised on Configuring firewall using iptables.
• Web security phase emphasised on discovery of XSS and CSRF vulnerabilities, exploiting and defending the vulnerabilities.
• Software security phase emphasised on analysing and exploiting dnsmasq buffer overflow vulnerability intended to crash the router.
Configured a Secure Apache Web Server and strong Swan VPN server in a Linux environment Oct 2019
• Generated OpenSSL keys, self-signed certificates, and allowed HTTPS to configure a secure Apache web server.
• Set up a VPN server to use an internal CA certificate and start a VPN connection from the client to access a protected VPN web server.
Simulated a DDoS Crossfire attack Nov 2019
• Created a simulation of a network flooding crossfire attack.
• Developed a network design with the help of NS bench in order to simulate scripted DDoS attack using bots to flood paths of servers to deny legitimate service to genuine users. Configured a secure Corporate ecosystem utilising Single-Sign-On Services Feb 2020
• Enforced the Kerberos service that provides single-sign on services.
• Developed the framework for an enterprise network consisting of Master and Slave DNS servers, an LDAP directory service, a Kerberos service, an SSH server that authenticates users using Kerberos, and a client that can access Kerberos tickets that allow the client to authenticate services (like SSH) via Kerberos. Developed a secured communications network. Mar 2020
• Enabled DNSSEC and signed forward and reverse zones for DNS servers.
• Created a root CA and configured it for use on a web server, LDAP server, SQL server in a variety of containers.
• Configured and setup WordPress to use MYSQL for storage and LDAP for authentication using Nginx in a container.
• Configured a TLS certificate from your root CA for a web server and an LDAP server, reconfigured the containers to use the TLS-protected LDAP server.
Full Penetration Test of the purposely insecure Web Application-Tunestore. Oct 2020
• Manual penetration checks conducted to identify XSS, CSRF, SQL Injection, Failed Authentication, and click jacking.
• Proposed prevention methods and applied on the application.
• Automatic vulnerability tests were conducted using OWASP ZAP to detect vulnerabilities. Security analytics using Kibana data visualisation dashboard . Dec 2020
• DNS log analysis to detect anomaly detection.
• Log enrichment using python program and ingested into elastic SIEM for Net Flow analysis to detect data ex filtration.
• Endpoint detection through analysis of login activities and vulnerability scanner logs. ACHIEVEMENTS
• Co-discoverer of CVE-2019-18992-Multiple XSS Vulnerabilities in OpenWrt Firmware (2019)