Brijesh Z


Summary

Brijesh currently serves as a Security Analyst at NII and trainer at IIS. His work mainly focuses on Security Trainings, Networks and Web Application Trainings, Vulnerability Assessment and Penetration Testing. His technical abilities span a very wide range of technologies across networks, operating systems, databases, web applications and web servers. However, his specializations are Web Application Security, DevOps Security, Forensics and IoT Security.

Educational Qualification

  • Bachelor’s in Information Technology
  • Master’s in Information Technology
  • MBA –General (Pursuing)
  • Certified Ethical Hacker (ECCouncil - CEH v8)
  • Certified Professional Forensic Analyst (CPFA)
  • Certified Information Security Consultant (CISC)
  • Diploma in Information Security and Ethical Hacking - Appin Technologies.
  • Certified in C & C++ from MICM NET Solutions Pvt. Ltd.
  • Certified in Facebook Law’s (India).
  • Certification in IoT Hacking (NullCon)
  • Certified Ethical Instructor (ECCouncil CEI v2)
  • CompTIA Linux+ - SimpliLearn
  • Certification in Docker Platform – SimpliLearn
  • Certification in GIT Platform – SimpliLearn
  • Certification in Kubernetes with Docker - SimpliLearn
  • DevOps Practitioner - SimpliLearn
  • Offensive IoT Exploitation – Pentester Academy


Experience & Expertise

  • Network Security
    • Knowledge of TCP/IP Fundamentals and Networking Concepts.
    • Wireless Security & Exploitation.
  • Application Security
    • Well versed with OWASP – Top Ten.
    • Expertise in Vulnerability Assessment and Penetration Testing of Web Applications.
    • Top 25 Software Error by SANS
    • Business Logic Testing
    • Thick Client Application Testing
  • Programming Languages
    • C, C++, C#, Java, ASP.NET, Python, Shell Scripting.
  • Forensics
    • Well Versed with Forensic Concept’s.
    • Incident Response & Threat Hunting
  • Mobile Security & Forensics
    • Well Versed with Mobile Pentesting and Forensics Concept’s.
    • Reverse Engineering and Mobile Application Security
  • IoT Security
    • Well Versed with IoT Concepts.
    • IoT Pentesting
  • Cloud Security
    • Well Versed with Cloud Concepts.
    • AWS Cloud Security
    • Microsoft Cloud Security
  • DevSecOps
    • Familiar with DevSecOps Concepts.
    • DevOps Principles
    • Container Security
    • Compliance as Code
    • Security testing and scanning in CI/CD
  • Internal Trainings
    • Trainings on Mobile Security.
    • Trainings on Network Security.
    • Trainings on Web Application Security.
    • Trainings on Forensics.
    • Trainings on IoT Security.
    • Trainings on DevOps Security.
    • Trainings on Certified Ethical Hacker(CEH) v8.
  • Corporate Trainings
    • Corporate Training on Android Security for BPCL.
    • Corporate Training on Security Awareness in Web Application for Accelya Kale Solutions.
    • Corporate Training on Web Application Security for ICICI Bank.
    • Mobile Security Awareness Training for ICICI Bank.
    • Corporate Training on Web Application Security for Capgemini, Mumbai.
    • Corporate Training on Web Application Security for Capgemini (Bangalore)
    • Corporate Training on CEH for E-Clerx Solutions, Mumbai.
  • Projects
    • Web Application Penetration Testing for SBI Life.
    • Thick Client Application Testing for SBI Life.


Research and Development

  • Development of IIS Tool Kit v1.
  • WhatsApp Database Extractor (POC)


Technical Skills

Brijesh has experience with the following technologies

  • C, C++
  • Java
  • ASP.NET (using C#.Net)
  • JavaScript
  • XML
  • HTML
  • Python
  • MySQL
  • Shell Scripting
  • Wireless Security
  • Network Security
  • Mobile Security
  • IoT Security
  • DevOps Security
  • Web Application Security
  • Operating System’s: Windows XP/7/8, Windows Server 2008, Ubuntu Flavor’s, Kali Linux, Backtrack, IIS ToolKit, Mac OS, SIFT, DEFT, CAINE etc.
  • Network Tool’s: Nmap, Zenmap, Wireshark, Angry IP Scanner, Nessus, Metasploit etc.
  • Forensic Tool’s: Encase, FTK Imager, Sleuth Kit etc.
  • Web App Tool’s: Burpsuite, Vega, BeEF, OWASP ZAP, SqlMap, Acunetix etc.