Enterprise Network Architecture
Designed a startup’s network infrastructure by strategically placing IPS/IDS solutions, Firewalls, Log Management, VPN Tunnels and more, conforming to a Defense in Depth strategy. Dissected the network into 7 network zones as advised by SANS Institute.
|
OSINT and Passive Recon Analysis
Performed a thorough review of GMO's online footprint from an Open Source Intelligence and Passive Reconnaissance perspective.
Utilized 8 different tools - Spiderfoot, Maltego, DNSRecon, Censys, Shodan, Sublist3r, theHarvester and Qualys' SSL Server Test, to conduct a security assessment, pinpointing security gaps and offering the most efficient remediation or mitigation techniques. 
| ||||||||||
Risk Assessment and Management Plan for HIC
Conducted an extensive risk assessment using NIST CSF to suggest an efficient risk management plan for an investment management firm that requested to remain anonymous. The report is accompanied by a PPT presentation with a recorded voice-over that conducts the presentation. Click Here for the presentation.
|
AI, Blockchain, Digital Currency and Data Science Presentation
Prepared a presentation that highlights the key concepts from a Cognitive Analytics Management Conference and communicated them to an audience of 150 non-technical individuals. Click Here for the presentation.
| ||
Caesar Cipher
Wrote a python program that performs a classical cryptographic encryption scheme with brute-forcing capabilities.
PS: Modify file type from .txt to .py to run the program 
|
Affine Cipher
Wrote a python program that performs a classical cryptographic encryption scheme with brute-forcing capabilities.
PS: Modify file type from .txt to .py to run the program
| ||||
DDoS Lab
Performed both a Smurf attack and a SYN attack simultaneously in a controlled lab environment.
|
Buffer Overflow
Performed a buffer overflow attack, detailing every step and explaining how to look at the stack with gcc, how to overwrite the return address, how to craft a successful payload and how to toggle the appropriate controls to defend against overflows.
| ||||
Return-to-libc Attack
Performed a Return-to-libc Attack, detailing every step and explaining how to find the address of the libc function, system() and exit() using gcc, and how to inject the shell string into the memory.
|
Rust
Went over different snippets of Rust code and explained programming bugs and problems, and showed how to fix them.
| ||||||||
XSS Attack
Completed the SEED Labs Cross-Site Scripting Attack Lab, where the user exploits an input validation vulnerability on the prebuilt Elgg web application in an attempt to reproduce what Samy Kamkar did to MySpace in 2005 with the XSS Worm.
|
XSRF Attack
Completed the SEED Labs Cross-Site Request Forgery Lab, where a victim user holds an active session on a trusted website while visiting a malicious website. The malicious website injects an HTTP request for the trusted website into the victim user session.
| ||||||||||||
PS: Certain sections of the website are made for comedic purposes :-)