-
Experience
George Mason University, Fairfax VA Sept 2019 - May 2020
Precollege Instructor & Graduate Teaching Assistant
• Taught 25 high school students concepts of Computer Forensics with hands-on experience through lab exercises
• Held responsibility in grading quizzes, midterm, Final exam and term papers of 55 students for master’s level courses Cybersecurity Fundamentals and Cloud computing Security
George Mason University School of Business, Fairfax VA Jan 2019 - May 2019
Graduate Teaching Assistant
Designed and constructed following Penetration testing materials/lab exercises for course Introduction to Cybersecurity using Kali Linux
• Identified and exploited SQL injection vulnerabilities in web applications, executed queries in the database in order to enumerate and extract data using SQL map & Burp Suite
• Brute force website login page by intercepting browser request using burp suite
• Intercepted data packets to sniff passwords using Wireshark
• Scanned target to build an effective attack plan, performed vulnerability scan using Nessus and identified known security flaws on target machine, exploited the weakness and gained an interactive shell session with target machine
• Hacking using BeEF XSS Framework
Majesco Software & Solutions India Pvt. Ltd. [Insurance Domain] Jun 2017 - Jul 2018
Trainee Software Engineer
• Developed testing test plans, scenarios, scripts, or procedures that addressed areas such as database impacts, software scenarios, black box testing, regression testing, error or bug retests, or usability
• Documented software flaws, using JIRA, and reported defects to software developers
• Analyzed application log files to troubleshoot root cause of defect and to reproduce bugs
• Experience in working in an Agile environment
• Planned test schedules/strategies in accordance with project delivery dates and collaborated closely with developers which reduced 40% of bug fix time
• Provided value additions in decision making meetings with Project Lead & IT developers for gaps & defects found in testing
• Awarded by Spot Award as a Quick Learner for grasping project related concepts, along with other projects and contributing towards ensuring quality deliverables
-
Projects
Risk Assessment on a fictional Company
• Performed security assessment, identified risks & categorized them based on critical, medium and low risk ratings
• Provided countermeasure to mitigate those risks & provided with impact to the company for those countermeasures
Public-Key Cryptography [Python]
• Designed end-to-end encrypted file transfer between client and server.
• Developed client-server python script which is used to encrypt/decrypt multiple file types; used public-key cryptography; 512-bit RSA key pair is generated by OpenSSL on the server side
XSS Worm
• Exploited cross-site scripting vulnerability to launch an XSS attack on Elgg an open-source web application used for social network
• Spread an XSS worm amongst users, such that whoever views an infected user profile will be infected and whoever is infected will add you to their friend list
Buffer-overflow Vulnerability
• Utilized buffer overflow vulnerability to gain root privilege
• Mitigated this attack using address randomization, stack guard protection & non-executable stack protection schemes implemented in Linux