#root@[~]:$ whoami
Hello World
I'm, Ashish Khare.
Security Researcher | Penetration Tester | Red Teaming | SOC | SIEM | BAS | EDR | Blue Teaming | DFIR | Threat Hunting & Intelligence |
About Me
I am a Cyber Security Enthusiast and a Hacker with an Ethical mindset.
I m having experience in Web-app security, SOC, SIEM, EDR, BAS, Incident Response, Vulnerability Assessment & Penetration Testing. I am experienced with tools like Splunk, burp suite, acunetix, Nessus, Metasploit, Nmap, Pentest tools, and of course with Kali Linux & some GitHub open source tools like Amass, Aquatone…etc many more for finding the vulnerabilities in the web application and mobile application. Now what type of vulnerabilities I have found frequently will be account takeover, injections, privilege escalation, series of vulnerabilities leading to account takeover, LFI, XSS, OWASP Top 10, etc… Secured over 500+ Indian Government Websites acknowledged by NCIIPC unit of NTRO Govt.Of.INDIA.
Skills
Good knowledge of Cyber Security Fundamentals (CIA, VPN, WAF, Antivirus, DMZ, IDS, IPS, Compliance, ISO-27001, PCI-DSS)
Strong hands-on Networking (TCP/IP, OSI Model, Devices, IP add, Architecture, Subnetting, Firewall, 3-way handshake, etc...)
Sound knowledge of Computer Forensics.
Familiar with various types of Malwares, Attacks & Zero-day Vulnerability.
Monitor and analyze logs and alerts from various Network and Security Solutions.
Investigation of Security alerts in order to determine suspicious and false positives.
Analyzing and Mitigation of the phishing E-mails.
Hands-on Tools. (Nmap, Metasploit, Burpsuite, SQLMap, Maltego, ghidra, nuclei, dnsrecon, Wireshark, Splunk, etc...)
Python (Bash Scripting)
Hardware, System Troubleshooting.
Multi-tasker, Team player, leadership, Management.
Work Experience
Blue Teamer (Nov 2022 - Dec 2022)
Monitor and analyze logs and alerts from various Network and Security Solutions.
Investigation of Security alerts in order to determine suspicious and false positives.
Analyzing and Mitigation of phishing E-mails.
Security Analyst at ComExpo Cyber Security Foundation - July 2021 - Oct 2021
Well-versed with Network & Web-application Penetration Testing.
Information gathering, Source code review, Password attacks, Pivoting & port forwarding.
Find Vulnerabilities, exploits, and CVEs.
Practiced in Malware Analysis.
Trainee at CYBER CELL - June 2021 - July 2021
Case study of cyber crimes(social media, frauds, fake news)
Study of Indian IT Act, Dark-web, Deep-web, Security Perimeter.
Perform forensic practical (Img, PD, Email)
Content Researcher (Cyber Security) at Official Hacker - May 2021- Jul 2021
Find out various cyber security breaches.
Explain cyber Security Terminologies.
Work on Case Study.
Cyber Security R&D Intern at (TechHack Technologies Pvt. Ltd) - Dec 2020-Feb2021
Research various vulnerabilities and practices to find out bugs and mitigate them.
Analysis of various Web Applications.
Reconnaisance and OSINT.
Certifications
Cisco - Cyber Security Fundamentals
Udemy - Ethical Hacking & Penetration Testing
TCM Security - Practical Ethical Hacking Course
CNSS - Certified Network Security Specialist
AttackIQ - Foundation of Operationalizing Mitre ATT&CK
Education
B.E Computer Engineering (2019-2023)
HSC (2017-2019)
SSC (2016-2017)
Interests
Solve CTF challenges
Reading Political News
Playing Cricket