
Ashish Kunwar

Security Researcher
Noida, UP

Summary

Self-learner driven by hard work and passion with a solid understanding of information security and extensive experience in diverse cyber-security sub-domains. Skill set includes web and network application penetration testing, expertise in SAST and DAST. Practical experience in vulnerability analysis and attack surface management. Recognized by over 500 companies for effectively reporting critical security vulnerabilities.

Overview

  • 5 years of professional experience
  • 7 years of post-secondary education
  • 4 Certifications
  • 2 Languages

Work History

Security Researcher II

Microsoft
12.2023 - Current
  • Worked on fingerprinting web technologies, CMS platforms, and other web components using a non-intrusive approach (versioning, passive fingerprinting, behavioral analysis) instead of active probing.
  • Developed detection rules for Microsoft Defender External Attack Surface Management (MDEASM) to accurately identify technologies and vulnerabilities while minimizing footprint.
  • Collaborated with engineering teams to create custom probing for specific ports when required or based on customer requests.
  • Analyzed existing vulnerabilities and wrote detections for them, mapping them to MITRE ATT&CK techniques.
  • Researched and tracked threat actors, studying their TTPs and monitoring zero-day vulnerabilities they exploited.
  • Created detections for Command & Control (C2) panels and infrastructure to enable active tracking of malicious operations.
  • Built complex KQL (Kusto Query Language) queries for threat hunting, detection engineering, and analyzing large-scale security telemetry.
  • Created detailed vulnerability profiles (ASI), covering CVE analysis, exploitability, and risk assessment.
  • Worked closely with teams to analyze and publish reports on emerging threats, vulnerabilities, and attack techniques.
  • Contributed to security articles and intelligence reports to help the broader security community.

Researcher

Microsoft
04.2022 - 09.2023
  • Conducted in-depth vulnerability research by analyzing web technologies, CMS platforms, and other web components to identify potential security weaknesses.
  • Performed detailed analysis of identified vulnerabilities and exploits, assessing their impact, exploitability, and mapping them to MITRE ATT&CK techniques.
  • Developed and implemented detections for attack surface management, focusing on non-intrusive fingerprinting.
  • Contributed to threat intelligence efforts, combining data collection, processing, analysis, and dissemination to provide actionable insights that support security decision-making.
  • Worked closely with cross-functional teams, including engineering and research groups, to enhance security posture, keep up with evolving threats, and ensure a rapid response to emerging cybersecurity challenges.

As a Vendor

Vulnerability Researcher

RISKIQ
03.2021 - 03.2022
  • Conducted vulnerability research spanning network and web
  • Performed IOC analysis of the latest threats emerging on the web
  • Developed tools and tactics to automate or solve issues related to research
  • Performed exploit development / proof of concept work related to the products
  • Came up with a solution of the trade to map the attack surface on the web

Penetration Tester

Red Sentry
08.2020 - 01.2021
  • Performed penetration testing for clients
  • Involved initial recon through privilege escalation
  • Report writing and delivery

Education

Bachelor of Technology -

G.D. Goenka University
01.2019 - 01.2023

Polytechnic (Diploma) - C.S.

YBN University
01.2017 - 01.2020

Skills

Strong Communication Skills


Certification

2020, System Operator and Certification (SOC), Wild West

Notable Research

  • Gifsicle Null Dereference Vulnerability, https://github.com/kohler/gifsicle/issues/130
  • Nano Text Editor Memory Leak, https://savannah.gnu.org/bugs/?53269
  • Erlang Buffer Overflow, https://github.com/erlang/otp/issues/4291
