4. Security & Compliance

Provides structured methodologies for detecting, containing, and mitigating security incidents in enterprise environments.

Conducts security assessments on APIs to detect vulnerabilities and ensure secure communication protocols.

Provides methodologies for identifying and mitigating security vulnerabilities in containerized applications and their images.

Specializes in implementing Clerk's modern authentication solutions with WebAuthn, passkeys, and passwordless login for secure, user-friendly authentication flows.

Auth0 security specialist for implementing attack protection, MFA, token security, and compliance configuration.

Extracts and analyzes network flows from pcap files, resolving IP addresses to hostnames to identify outbound connections and network destinations.

Enables security pentesting of IoT devices through UART console interaction for device enumeration, vulnerability discovery, and root shell acquisition.

Decompiles Android APK files into readable Java source code for security analysis, vulnerability detection, and app behavior inspection.

Analyzes IoT network traffic to detect protocols and identify security vulnerabilities in device communications.

Scans networks to discover ONVIF cameras and WS-Discovery enabled IoT devices, aiding in security assessment and device inventory.

Unpacks, analyzes, and repackages Android APK files to extract resources, examine manifests, and analyze smali code for security assessment.

Scans ONVIF devices for security vulnerabilities through authentication testing and brute-force credential checks.

Professional network reconnaissance and port scanning tool supporting multiple scan types, service detection, and vulnerability scanning via NSE scripts.

Enables telnet-based interaction with IoT device shells for penetration testing, including device enumeration, vulnerability discovery, and credential testing.

Analyzes firmware files, identifies file types, and extracts ext2/3/4 and F2FS embedded filesystems for security assessment.

Performs static analysis on UEFI/BIOS firmware dumps to detect malware, rootkits, and extract critical firmware data without hardware access.

Systematically analyzes binaries and obfuscated code in CTF challenges to extract flags, keys, and hidden security information.

Performs deep security-focused reverse engineering on binaries to answer specific questions about crypto, C2 addresses, and function behavior with evidence-based findings.

Solves CTF binary exploitation challenges by exploiting memory corruption vulnerabilities such as buffer overflows and ROP.

Performs initial security analysis of binaries by examining memory layout, strings, imports, and functions to identify suspicious behavior.

Solves CTF cryptography challenges by analyzing weak crypto implementations to extract keys and decrypt data.

Performs systematic code analysis to identify and remediate vulnerabilities, supporting security assessments, compliance validation, and incident response.

Enables creation, execution, and debugging of integration tests for detecting prompt injection vulnerabilities in AI applications.

Automatically detects and removes hardcoded credentials from codebases before packaging, ensuring secure distribution and mitigating security risks.