About
Poornachandra is an avid cyber security researcher, who is passionated about technology since his early age. He is keenly interested on offensive side of security precisily in to Penetration Testing.He is accumulating the skills to perform Penetration Testing and is improving his Penetration Testing methodology day by day to provide best outcomes
Some of his Skills on Penetration Testing(But not limited to):
Network Pentesting:
- Knowledge on Active Directory Attacks.
- Knowledge on Port Scanning, Version Detection, Os Detection, Firewall Evasion and service enumeration using Nmap
- Vulnerability Assessment using Nessus
- Knowledge on Portscan, Banner Grabbing,creating reverse shell and bind shells using netcat
- Knowledge on Metasploit framework which helps in scanning, enumeration, exploitation and post exploitation
- Hash cracking with Hashcat and John the Ripper
- Familiar with Exploit Databases like exploit-db, Packetstrom-exploits,rapid7-db
- Knowledge of Privilege Escalation after foothold on Linux and Windows systems
- Creating Payloads using different opensource tools for AV-Evasion
- Brute Force and Password Spraying using Hydra
- Knowledge on Buffer Overflow Attacks
- Familiar with different types of Critical Vulnerabilities
Web Application Pentesting:
- Reconnaissance using shodan, censys, search engine dorking, github dorking,wayback machine.
- Subdomain enumeration with tools like assetfinder, sublister,findomain and subfinder
- Fuzzing web application for virtual host discovery, directory and files discovery and performing different types of web vulnerability attacks
- WAF detection and Evasion
- Familiar with OWASP Top 10
- Sqlmap for SQLi attacks
- Knowledge of Burpsuite to Perform different types of attacks on Web Applications
He worked as System Administrator for 3+ years Building, Fixing & Troubleshooting servers (Linux and Windows) and fixing,troubleshooting server equipment. He is also familiar with the Procedures and Policies that are followed in an Enterprise Environment
Some of his Skills on System Administration(But not limited to):
- Managing Redhat and Debian based Operating systems.
- Maintanence of server equipments HP and Sun servers using ILO,ILOM and ALOM.
- Upgrading RHEL Systems
- Install and Configuring Vendor Specific applications
- Deploying the applications in Different Environments
- Compiling open source applications from source code for deployments
- Firmware and OS upgrades as per the requirement
- Knowledge on managing PKI CA Server
- Creating Certificates
- Revoking Certificates
- Renewing Certificates
- Checking on proper security measures for providing the certificates
- Automated Mundane routine tasks using Shell and Python Scripting and getting emails for critical alerts
- Server Equipment Monitoring for hardware degradation
- Generating services reports for finding issues
- Documented Maintenance Procedures
- User Administration and Password policy management
- User and group auditing on servers
- scheduling cron jobs
- File system management on Linux servers
- Increasing/ Decreasing Partitions
- Creating new logical volumes from added disks
- Maintaining Permissions on Linux servers
- Knowledge on Vcenter for maintaining Esxi hosts and virtual machines in it
- Knowledge on ITSM tools
- Incident Management - Getting the incidents assigned and working on them to solve the issue and Providing RCA
- Change Management - Implementig the changes to Perform different types of operations for uptime and scalability
- Problem Management - Knowing the problem and investigating on it for further actions
- Request Management - providing the solutions to different types of technical requests like user audits, group audits.