My Tech Skills
Offensive Security
- Web app penetration testing: IDOR, XSS, CSRF, SSRF, SQLi, path traversal, hash cracking, brute-forcing passwords, directory busting
- Knowledge of tools: nmap, Nessus, nikto, Wireshark, Burp Suite, Metasploit, Hydra, John the Ripper, ffuf, DirBuster
- Protocol enumeration and exploitation: FTP, Telnet, SSH, NFS, SMB, MySQL
- Various OSINT techniques, Google dorking
- Linux privilege escalation
Defensive Security
- Endpoint security and hardening: firewalls, antiviruses, anti-malware; monitoring with Snort
- ELK Stack
- IoC analysis, log analysis, threat analysis, threat research
- Knowledge of OWASP Top 10, Lockheed Martin Cyber Kill Chain, Diamond Model, MITRE ATT&CK
- Knowledge of security frameworks: NIST, ISO 27001, PCI DSS
- Password management (LastPass); experience with PKI
IT
- Extensive OS knowledge: Linux, Windows, MacOS
- OS Virtualization
- Cloud services: Linode, AWS
- Familiarity with protocols: TCP/UDP; HTTP, FTP, ICMP, ARP, DNS
- Packet analysis with Wireshark
- LAN management, subnetting
- App deployment: AWS, Heroku; Ansible, Travis CI
Programming
- Experience with programming languages: Python, JavaScript, Ruby, C, BASH
- Full-stack application development: Next.js, React, MERN Stack, SCSS, Tailwind
- Scripting in Python, BASH
- Hands-on experience with various data structures and algorithms
- TDD, test suites with RSpec and Jest
- VCS: Git, GitHub
