Rutuja Hulawale


    Rutuja currently serves as a Cybersecurity Analyst at NII and Trainer at IIS. Her work mainly focuses on Cyber Security Trainings, Vulnerability Assessment and Penetration Testing for NII. Her technical abilities span across IoT Security and penetration testing, Secure SDLC, Source code review, Threat Modelling, Network Penetration Testing, Network Architecture Review, Application Penetration Testing, Server & Databases Config Review, Cloud Security and Penetration Testing and ISO Compliance. Rutuja has created custom course outlines as well as conducted the same for a variety of high technologies clients of NII & IIS.

Educational Qualifications

  • PG - Diploma in Advanced Embedded System
  • Bachelor of Engineering in Electronics


  • Practical IoT Hacking (NULLCON)
  • Certified Ethical Hacker (CEH)
  • Certified Information Security Consultant (CISC)
  • Certificate of Programmable SOC

Detailed Experience & Expertise

  • IoT Security & Penetration testing
    • IoT Architecture, Network, Threats
    • IoT cloud, firmware analysis
    • adio Protocol Analysis
  • Web Application Security
    • Well versed with OWASP-Top 10
    • WAF bypassing techniques
    • WASC – Threat Classification
    • Web Application Vulnerability Assessment and Penetration testing
    • Source Code Review-Manual and Automated testing (Web and Mobile applications)
    • Secure SDLC
    • Threat Modelling
  • Network Security
    • Profound knowledge of TCP/IP fundamentals
    • Well versed with Metasploit Framework
    • Network Vulnerability Discovery and Exploitation
    • Database Security and OS Security
    • Wireless Security and penetration testing
    • Cryptography
    • Architecture and config review
  • Mobile Application Security
    • Android Application Security
    • Reverse engineer Android Application
    • iOS Application Security

Technical Skills

  • IoT tools: Binwalk, Exploit framework, firmware mod kit, Logic analyzer, CAN, ZigBee, SPI, MQTT, I2C, JTAG, UART, BLE protocols and their attacks. Firmware attacks
  • Languages: C, C++, shell scripting, python, Assembly language
  • Security tools: Nmap, Nessus, Scapy, Aircrack‐ng suite, tnscmd, IkeScan, IkeProbe, IDA, Hping3, Metasploit, BurpSuite, Wireshark, NetCat, Cain & Abel, tcpdump, PWDump, Brutus, Nikto, SQLmap, OScanner, Veracode, Synk
  • Database: Oracle, MS SQL, MySQL

Interpersonal Skills

  • Rutuja has good communication skills and experience in presenting several presentations and training. Experience in dealing with senior and middle management, system administrators, auditors, business partners, clients, customers, employees, etc.
  • Ability to deliver training sessions in an interactive manner.
  • Trainings/Seminars conducted

    • Trainings on IoT Security
    • Trainings on Certified Ethical Hacking (CEH v11)
    • Trainings on Secure coding awareness
    • Trainings on Secure SDLC
    • Trainings on Network Security
    • Trainings on Mobile Security
    • Trainings on Web Application Security
    • Regular In-House batches to aspiring students

    Corporate Trainings

    • Secure code awareness
    • Secure code review for developers