Vikash Tiwari

RHCE, CCNP, CCNA, CPH, CISC

Vikash Tiwari has varied experience in the field of information security audit and VAPT, Digital forensics. He has carried out Penetration Tests, System and Server Audits, firewall/IPS/IDS Audit, Intrusion Detection, Mail Servers setup (qmail), iptables implementation.

He currently serves as Senior Security Analyst and Digital Forensics team Lead at NII Consulting focusing on VAPT, Digital forensic, ISO Audit, Product and Solutions,. He also provides training services at NII as an Associate Trainer.

Profile

  • B.Sc.(Electronics). C.S.J.M. University Kanpur
  • IIT-K Certified Linux System and Network Administrator
  • RHCE (RedHat Certified Engineer)
  • CCNP(ISCW)
  • CCNA
  • CPH(Certified Professional Hacker)
  • CISC(Certified Information Security Consultant)
  • Certification on PLC programming
  • Certification on Assembly Language on Micro Processer (8085 and 8086) and Microcontroller(8010)
  • Forensics
    • Expertise in Disk Based forensics and Network based forensics
    • Expertise in Memory Analysis
    • Expertise In performing Incident Response on all Widows, Linux, Unix based platform
    • Expertise in performing Intrusion/ Malware Analysis OS level and Network Level
  • Application Security
    • Expertise in Vulnerability assessment, Penetration testing & Web application testing
    • Well-versed with the Open Web Application Security Project Top Ten security vulnerabilities.
  • Network Security
    • Worked on security for a range of operating systems, databases, web servers, mail servers, directory services and applications
    • Experience with an extensive range of security systems and solutions.
    • In-depth knowledge of TCP/IP fundamentals
    • Intrusion detection, analysis, signature writing, and computer forensics
    • Experience in conducting network security audits
  • Wireless Security
    • Working knowledge of wireless security technologies
  • Compliance & Guidelines
    • Well versed with ISO/IEC 27001 Standards
    • NIST & Microsoft guidelines for Windows Server Security
    • MNSCU guidelines for UNIX Security
  • Forensics Tools: Encase, Caine, Helix, Test Disk, PhotoRec, Deft Linux, logparsar, Weblog analyzer, , Weblog Explorer, WiNHEx, Deft Linux, Sysinternal Tools WFT, SIFT, IDA pro, Ollydb, Minibis, Zero wine, GCC, GDB, Remnux
  • Operating Systems:Windows NT/2K/XP/9x, Windows 2008, Windows 2003 Server,Linux(RHEL4/RHEL5,SELS 9/10,Fedora4/5/6/7/8/9/10/11/12/13, OpenSUSE Linux, Ubuntu Linux, BackTrack4 final, Cent OS 5.3, Unix(IBM AIX 5.3 and Solaris 9/10), FreeBSD,NetBSD,
  • Servers: NFS, FTP(VsFTP, Sftp), SAMBA, APACHE, SQUID, MAIL Servers (qmail, sendmail and postfix), DNS, DHCP, NIS,Dansquid Guardian.
  • Databases: MS-SQL, Oracle, MySQL
  • Network components: Firewalls, IDS (Snort), Router(Cisco and Dlink, Juniper, Linux ), Switches(Cisco and Dlink, Juniper, Linux ), Open filer (Network Attachment Storage), LIDS, AIDE.
  • Network Monitoring Tools:Nagios, Ntop, Wireshark, Zabix
  • Security tools: Nmap, Nessus, Fport, Hping2, tcpdump, arpsniffer, ettercap, dsniff, firewalk, windump, inprotect, Nikto, Tcpdump, tcpxtract, Cain & Able, Metasploit Framework, Cisco torch, Superscanner, atop, mtop, Htop Webmin Tool for Linux Administration etc..
  • Web Application Tool:- WebScarab, BurpSuite, SamumraiWT,F, Accunetix, IBM AppScan.
  • Forensics Tools: Encase, Caine, Helix, Test Disk, PhotoRec, Deft Linux, logparsar, Weblog analyzer, , Weblog Explorer, WiNHEx, Deftlinux.
  • Firewalls: Cisco PIX, Cisco ASA, SneapGear, SonicWall, IPCOP, SmoothWall, Iptables, cyberoam, Fortinet.
  • Languages: C, Shell Scripting, VB6, C, Core Java, Advanced Java, Lisp, SQL, HTML, DHTML, XML using CSS and XSL style sheets, ASP & JavaScript
  • IDS: In-depth knowledge of Snort, Snort BASE-INLINE.
  • Antivirus Solutions: Symentec Antivirus, MaCfee, ClamWIn, AVG,Avast, Kaspersky, Avira.
  • Executed 10+ Forensic projects for the corporate clients and CID Mumbai
  • Penetration and Web Application & Network Pen Testing for:
    • India’s largest online share trading website
    • Leading Matrimonial site in India
    • many of the Indian Banks
    • 2 Internet Service Provider in the Middle East country.
    • One of the largest Home Appliance Manufacturing Company.
    • Providing support against Network threat like Viruses,Worms,Trojans etc. to one of the India's public sector units.
    • Conducted Network security audit project of one of the largest PSU in India.
    • Linux Based Firewall: Setup, configure and manage IPCOP, Smoothwall. IPCOP is a specialized Linux based Firewall for protecting all kind of networks.
    • Mail Server Setup:Setup and configure a “QMail” Mail server based on Linux. QMail is considered much stable and secured Mail server in Linux world and is used by major commercial mail service providers like Gmail and Yahoo.
    • Information Security Auditing as per ISO 27001 Standards for One of India’s largest banking sector.
    • Writing Vulnerability Advisories for one of our US based Clients.
    • Executed 3 Forensic projects for Dubai based Indian company, US client, One of Indian company respectively.
    • Also executing Anti phishing project for One of the India’s one of the largest bank.
    • Working on SCADA Pen Testing project, VAPT project and ISO Auditing Project for one of the utility sector (PSU) in India.
    • Conducted Firewall audit for the consulting firm.
    • Executed Security Assessment project for one of the largest search engine of the India.
  • Trainings conducted
    • Linux System and Network security training for an International organization aiming to promote development.
    • Linux Security Audit training.
    • Digital forensic training.
    • Conducted Security Awareness session for the one of the largest PSUs in India.

Ethical Hacking Training

This course goes deep down into depths of networking, systems, web applications, actual exploitation & helps beginners to take their confident first step towards information security field.

  • 6 Weeks Comprehensive Training
  • Built by Experienced Professionals
  • Regularly update on tools, techniques in course content