About

Sharing knowledge is the most fundamental act of friendship. Because it is a way you can give something without loosing something. Richard Stallman.

Hi, I am farhan. I have a strong passion for Computer Security and Applied Security Research. As a security Enthusiast, I have 4.5 years of experience in Application Security including development of secure Web Applications.As an experienced application security practitioner, I have conducted 250+ assessments in my organisation and delivered training programs in the Cybersecurity Ecosystem.

Current Employment

Extra Curricular

• Built a client dashboard on Django that Extracts data from penetration testing reports and generates Vulnerability Data and Analytics to Identify Project Performance and Risks

• Presented a Session on explaining OAuth 2.0, Pentest Approach and Test Cases

• Highest Individual Scorer of the Synopsys Techfair CTF Conducted across the globe.

• Received multiple Client Appreciations on insights and identification of Business Critical Applications from Finance and Logistics Sector

• Contribution to the Confluence Knowledge-base on Web Application Pentest, Architecture Review Analysis and Cloud Security.

Education

2013-2017

B.Tech, Computer Science; Federal Institute of Science and Technology (FISAT)

Thesis title: Deep Learning Approaches to the Self-Awesomeness Estimation Problem

2007-2010

BSc, Computer Science and Electrical Engineering; University of HomeTown (HomeTown)

Minor: Awesomeology

Academic Qualifications

Notable Projects and Achievements

• Online Security Platforms ‘Security Platforms’

  • Active Participant on BugCrowd, HackerOne, Integriti and other Bug bounty Platforms - Hacker Level in HacktheBox.eu - Multiple Badges in AttackDefense Labs

• IOT Secuirty Research Project ‘A Vulnerable IoT Platform and Device’

  • Devised a vulnerable IoT device using RFID, Raspberry Pi and Demonstrated its potential Exploits. • A new security testing mechanism and strategy for IoT testing was devised using this model and has implemented on the Organization

• Research and Main Project ‘Machine Learning Project to Analyse and Compare False Positives from Automated Scanners’

  • Analysis conducted using a large number of Triage notes from Different Autoscan Engines. • Able to analyse false positives from the findings of different automates Scanners allowing Pentesters to reduce SLA in triaging

• Mini Project ‘Media Bias Monitoring’

  Media Bias Monitoring system is a Web Based application built on Python and Django for monitoring the output of various print and broadcast media using KNN Classification and Other Machine Learning Algorithms.

• Other Projects ‘Projects developed for Hackathons’

  • Developed an E-Commerce application for small scale industries to sell their products, as a part of Rajasthan Hackathon - Developed a Tweet based Financial Analyzer which classifies tweets based on their travel behavior and investment behavior, as a part of ZafinTech Hackathon.

Technical and Personal skills

• Web Platforms: Proficient in: Python, HTML, CSS
  Working Experience in Frameworks, Apache Cordova and Spark.

• Technologies: Virtualization, Docker, Parallel Processing, GIT, MS Office.

• Pentesting: Burpsuite Pro, HP Webinspect, IBM Appscan, SoapUI, NMap, SQLMap, Postman, NetSparker, Coverity, BlackDuck

• Security Frameworks: Metasploit, Frida, Objection, AFL, Scapy, Cotopaxi.

Professional Memberships and Positions Mentored

• Member Null.co.in & OWASP Community, Bengaluru

• Volunteer Yet Another Cybersecurity (YAS), Kerala, India

• Member Association for Computing Machinery (ACM), FISAT and Chennai

• Team Member Google Developer Group, Kochi

• Team Member KochiPython , Team of Python Development Enthusiasts

• Research Member CHPC , Centre for High Performance Computing, FISAT

• ICT Student Champion ICT Academy of Kerala, FISAT

Interests and extra-curricular activity

• I am a vivid and passionate web designer and won various web design contests. I have also been a member of the core team responsible for various Techno-Cultural events.

• I was also a member of a photography club and contributed significantly towards it’s success.

• I was also a Speaker to a group of technology enthusiasts and took a session on emerging web technologies and it’s vulnerabilities.

References