Avinash Kumar Thapa

Security Analyst &Trainer

Avinash Kumar Thapa currently serves as a Security Analyst in the Technical Assessment team at NII Consulting. His work mainly focuses on conducting Security Audits, Vulnerability Assessment and Penetration Testing for NII’s premier clients.

He possesses strong analytical skills and likes to keep himself involved in learning new attack vectors, Python Language, tools and technologies, which allow him to conduct in-depth testing of applications during a penetration testing exercise.

During his free time, he likes to research on advance topics Web Applications Testing, Python and C# programming.

Profile

  • Bachelor of Engineering (ECE), Kurukshetra University, Haryana
  • Certified Information Security Consultant (CISC)
  • Certified Professional Hacker (CPH NxG)
  • Certified Professional Forensics Analyst (CPFA)
  • Digital Forensics
    • Disk Forensics with Encase
    • Memory Forensics with Volatility
    • Network Forensics
    • Data Carving
    • Live Response – Windows and Linux
  • Network Security
    • Good knowledge of TCP/IP fundamentals
    • Network Vulnerability Discovery and Exploitation.
    • Well versed with AV Evasion & Advance Metasploit-framework
    • Expertise in Security of Database and Database penetration Testing
  • Wireless Security
    • Cracking WEP, WPA, WPA2 encryption
    • Hotspot Attack on open Wi-Fi Networks
    • Evil Twin Attack
    • Chop Chop Attack
    • War Driving
    • Breaking Hidden SSID, MAC Filtering
  • Application Security
    • Well versed with OWASP-Top 10
    • WASC-Threat Classification
    • Expertise in Vulnerability Assessment and Penetration Testing of Web Applications
    • WAF Bypassing Techniques
    • SANS Top-25
  • Compliance & Guidelines
    • ISO/IEC 27001 standards
    • Risk Assessment
    • Business Continuity Management
    • PCI-DSS
  • RDBMS
    • Oracle 11g
    • MS-SQL Server 2008 R2, 2012
    • MySQL Server
  • Buffer Overflow and Exploit Writing
    • Good Knowledge of Assembly Language and exploit writing in Python.
  • Trainings
    • Delivered trainings on various industry recognized Information security certifications [CEH, CISC].
  • Languages
    • Good Knowledge of Python Programming
    • Basic Knowledge of PHP, SQL, C and C++
  • Operating Systems: Windows XP/7, Linux, Unix
  • Servers: Windows Server 2003/2008,
  • Databases: Oracle, MS SQL Server, MySQL
  • Security tools: Burpsuite, Nmap, Nessus, Netsparker, Hping3, Nessus,Sqlmap, Wireshark,NetCat, Metasploit, Tcpdump,Cain & Abel, Nikto, DirBuster,FTKimager,Acunetix.
  • Product Knowledge: QualysGuard, GFI Lan Guard
  • Languages: HTML ,PHP, Python, SQL,JavaScript, Java
  • Good communication skills
  • Experience in dealing with management, system administrators, employees, etc.
  • Very strong commitment to values and quality of deliverables
  • Certified Professional Hacker (CPH)
  • Certified Information Security Consultant (CISC)

Ethical Hacking Training

This course goes deep down into depths of networking, systems, web applications, actual exploitation & helps beginners to take their confident first step towards information security field.

  • 6 Weeks Comprehensive Training
  • Built by Experienced Professionals
  • Regularly update on tools, techniques in course content