AJAY R
Nagercoil
Summary
- Experienced MDRThreat Analyst with a demonstrated ability to effectively detect and neutralize cyber threats. Proficient in conducting in-depth analysis of network traffic, pinpointing vulnerabilities, and promptly responding to security breaches.
- Seeking a dynamic position to apply my skills in strengthening organizational security protocols and bolstering defenses against cyber threats. Eager to contribute to the detection engineering team by enhancing detection capabilities and optimizing rules through RED TEAM Operations.
- Skilled in Malware Analysis, facilitating early threat identification for clients. Successfully circumvented multiple Antivirus software and EDR's utilizing diverse tactics.
- Developed multiple malware like Process Injection, Dll Injection, Reflective Dll injection, Hooking Unhooking, Thread Context, MapViewSection, APC, Earlybird, Hells, Halos gate, Silencing ETW to hide from EDR/EPP's/AV's
Overview
4
4
years of professional experience
1
1
Certification
Work History
MDR Threat Analyst
SOPHOS
BENGALURU
02.2022 - Current
- Utilized Sophos tooling, 3rd party vendors, and parsing mechanisms to investigate and analyze various logs and security-related events for comprehensive threat detection and mitigation
- I've effectively safeguarded over 27000+ clients through detection systems, alerts, and incident management protocols
- Managed more than 30 active ransomware incidents as a IR Lead and Responder.
- Identified and responded to cyber threats and active incidents within customer environments
- Developed internal tools and playbooks using scripting and Python to enhance response efficiency
- Conducted Threat Hunts across multi-customer estates using refined OSQuery/SQL queries for emerging threats and posture improvement
- Researched emerging Indicators of Compromise/Attack, exploits, vulnerabilities, and conducted in-depth malware analysis for customer protection
- Collaborated with cross-functional teams to investigate and respond to security incidents in a timely manner
- Responsible for threat mitigation, tracing persistence, identifying Initial Access/Root Cause, and offering proactive client mitigations
- Prepared technical reports and presentations for technical executive teams and customers aligned with MITRE ATT&CK and the cyber kill chain.
Associate Threat Analyst
NETENRICH
HYDERABAD
04.2021 - 02.2022
- Utilized Endpoint Detection and Response (EDR tools such as Vmware Carbon Black, Microsoft Defender ATP, Sentinel One, QRadar, ThreatHunting, and Malware Analysis
- Developed attack hypotheses using Caldera and virtual machines
- Conducted real-time attacks based on Mitre TTPs and authored detection rules in EDRs based on threat behavior
- Executed live response and recovery actions on compromised machines to enhance security measures.
Cyber Security Trainer
Cybertron01
NAGERCOIL
06.2020 - 03.2024
- Successfully instructed over 10000+ students in Penetration Testing, Networking, and Ethical Hacking
- Identified and resolved bugs in real-time web applications, including Price Manipulation, Account Takeover, XSS, OTP Bypassing, HTML Injections, and HTTP Smuggling
- Reported on bugs and vulnerabilities to improve overall security measures.
Database Administrator - Intern
Mafiree
NAGERCOIL
12.2019 - 05.2021
- A dynamic website has been developed for managing cricket scores and automatically selecting teams, showcasing the following roster of players.
Education
B-Tech, Information Technology
St. Xavier's Catholic College of Engineering
Nagercoil, TamilNadu, India08-2020
Skills
Technologies
- Incident Response
- Threat Hunting
- Network Security
- Red Team Operations
- Malware Analysis
- Windows Forensics
- Web Application Penetration Testing
- Mobile Application Penetration Testing
- Active Directory Penetration Testing
- Vulnerability Assessment
- Malware Development
- Cyber Threat Intelligence
- Cloud Computing(AWS)
- Threat Hunting with Tactic, Technique and Procedure(TTP)
- Purple Teaming for Adding new Rules and suppression
- Witting Rules with YARA
- Playbook Development
- Log Management(SIEM)
- Web Development
Tools used for MalwareAnalysis/Forensics/Red Teaming
- Sophos Intercept X
- Sophos Firewall
- Sophos Central, IPS & IDS
- Qradar
- VmWare Carbon Black EDR
- Microsoft Defender ATP
- Sentinal One EDR
- Google Chronicle
- Soc OS
- Cobalt Strike
- Meterpreter Framework
- Veil Framework
- Empire
- Gophish
- Evilginux
- Caldera
- PEstudio
- Pebear
- Eriz zimmerman Forensics tools
- Burpsuite
- Nmap
- Wireshark
- Oledbg, Oledump, Olevba
- Event Log Explorer
- FTK Imager
- SysInternals
- Velociraptor
- ELK Kibana EDR
- Responder
- Pycharm and Intellij Idea
- Genymotion
- PostMan API
- Cyberchef
- Genesys and other OSINT Searches
- Nuclei
- Sublistr
- Nessus
- Hxd, Cutter, x64/x32 dbg, floss
- John the Ripper, Hydra, xfreeRDP
- Bloodhound, Sharphound
Programming Language's
- C, C
- Rust
- Python
- Go
- HTML, Javascript, SQL, SQLite
Operating System
- Kali
- Windows
- ParrentOS
- FlareVm
- Remnux
- Ubuntu
Cyber Security FrameWork
- Cyberkill Chain
- Mitre(attack & defend)
Certification
- Practical Windows Forensics, TCM Security, 08/2022
- Practical Malware Analysis and Triage, TCM Security, 06/2022
- Ethical Hacking, SWAYAM MHRD, 12/2019
- Cisco Certified Network Associate Routing and Switching (CCNA), Networkz Systems, 08/2019
- ICSI | CNSS Certified Network Security Specialist, ICSI (International CyberSecurity Institute), UK, 05/2020
- Python, Hacker Rank, 09/2020
- Uniting Threat and Risk Management with NIST 800-53 and MITRE ATT&CK, Attack IQ, 04/2021
- MITRE ATT&CK Defender (MAD) ATT&CK SOC Assessments Certification Training, Cybrary, 05/2021
- MITRE ATT&CK Defender (MAD) ATT&CK Fundamentals Badge Training, Cybrary, 06/2021
- MITRE ATT&CK Defender (MAD) ATT&CK Cyber Threat Intelligence Certification Training, Cybrary, 07/2021
- Intro to DFIR - The Divide and Conquer Process, Basis Technology, 05/2021
- Vulnerability Management, Qualys, 06/2021
- Practical Threat Hunting, Applied Network Defence, 08/2021
- Threat Hunting: Hunting the Endpoint & Endpoint Analysis, INE, 08/2021
- X86 Assembly Language Programming From Ground Up, Udemy, 08/2021
- RED TEAM Operator: Windows Persistence Course, Sektor7, 06/2022
- RED TEAM Operator: Malware Development Intermediate Course, Sektor7, 05/2023
Accomplishments
- Spearheaded the development and successful launch of the comprehensive Udemy course 'Ethical Hacking/Complete Red Team Operations in Practical'
- Created instructional materials on Red Team operations, covering all stages from initial access to ransomware deployment
- Delivered educational content to a diverse audience through the Udemy platform
- Produced a YouTube video titled 'Bypassing EDR's, AV's Using API Hooking and Unhooking method'
- Identified and reported multiple bugs, including XSS and CSRF vulnerabilities
- Successfully bypassed Quickheal, McAfee Antivirus Software, Sophos EDR, and Windows Defender
- Finalist in Smart India Hackathon in 2020
- Trained over 1000 students in cybersecurity and Bug bounty Hunting
Web
www.cybertron01.in
Personal Information
- Date of Birth: 06/26/1998
- Nationality: Indian
Publications
- One Day Workshop in Cyber Threat Analysis and Red Teaming, St. Xavier's Catholic College Of Engineering (Cyber Security Cell), 10/2023
- Ethical Hacking/Complete Red Team Operations in Practical, Udemy, 08/2023, https://www.udemy.com/course/red-team-operations-initial-access-to-ransomware-deployment
- Bypassing EDR's, AV's Using API Hooking and Unhooking method, Youtube, 03/2023, https://www.youtube.com/watch?v=4fcjd2-KUVM
- Initial Access | Ransomware | Process Injection | Elevating Privileges | Defense Evasion Practical, Youtube, 06/2023, https://www.youtube.com/watch?v=wLWDe167bN8&t=3100s
- Incident Response for Ransomware Attacks, Youtube, 04/2023, https://www.youtube.com/watch?v=FUj3wNtdgJY
Volunteer Experience
Cyber Crime India, Collaborated with the Indian Cyber Crime Police to proactively prevent cyber attacks, Provided assistance on numerous cybercrime cases to support investigations and ensure justice prevailed
Hobbies and Interests
- Exploring distant lands
- Getting lost in a good book
- Capturing moments
- Feeling the music
- Every kind of sport
Languages
Tamil
First Language
English
Advanced (C1)
C1
Malayalam
Elementary (A2)
A2
Affiliations
- One Day Workshop in Cyber Threat Analysis and Red Teaming St. Xavier's Catholic College Of Engineering(Cyber Security Cell)
- Successfully instructed over 1000 students in Penetration Testing, Networking, and Ethical Hacking.
- Actively Volunteered in 30+ Ransomware Incidents, 50+ Active Incidents
Timeline
MDR Threat Analyst
SOPHOS
02.2022 - Current
Associate Threat Analyst
NETENRICH
04.2021 - 02.2022
Cyber Security Trainer
Cybertron01
06.2020 - 03.2024
Database Administrator - Intern
Mafiree
12.2019 - 05.2021
B-Tech, Information Technology
St. Xavier's Catholic College of Engineering
Similar Profiles
Carlos D. BonillaCarlos D. Bonilla
Senior Sales Operations Analyst – Global Sales Operations & Reporting Analytics at SophosSenior Sales Operations Analyst – Global Sales Operations & Reporting Analytics at Sophos
ALIASGAR CHATIWALAALIASGAR CHATIWALA
Network Security Engineer (L1-2) at SophosNetwork Security Engineer (L1-2) at Sophos
Shiva BhaviniShiva Bhavini
Senior Engineering Manager at SophosSenior Engineering Manager at Sophos
Shiva BhaviniShiva Bhavini
Senior Engineering Manager at SophosSenior Engineering Manager at Sophos
BENNY MOSES J.BENNY MOSES J.
Planning Engineer at Al Thabat Holding LLCPlanning Engineer at Al Thabat Holding LLC