Dilip Nair

Software Developer and Security Researcher
Palakkad, Kerala

Summary

My main expertise in software development is in C/C++ and C#. I have developed a full desktop-based application in WPF (a Host-Based Intrusion Detection System (HIDS)). As I am a Cyber Security post-graduate, I am also researching in the field of Reverse Engineering and Malware Analysis; along with that, I am also proficient in Linux, Cryptography, Computer Networks, and the native Windows and Linux APIs.

Programming Skills

  • C, C++, C#, .NET, WPF, MVVM, XAML, PRISM, Razor, ASP.NET Core MVC
  • ASP.NET Core WebAPI, MSSQL, ADO.NET
  • API testing using Swagger and Postman
  • Entity Framework and Identity Framework, SOLID Principles
  • Bash, PowerShell, Visual Studio and Visual Studio Code
  • Familiar with WinAPI, COM API, HTML, CSS, JavaScript, jQuery, Blazor and Java
  • Also familiar with ARM based architecture

Accomplishments

  • Developed a Host-based Intrusion Detection System, a desktop application for Windows OS in .NET.
  • It monitors the processes and files in the background.
  • The admin sets restrictions on the processes and files in the system.
  • The application monitors for violations of these restrictions and triggers an alert in the system if any violation occurs.
  • There are also some experimental features, such as a Process Port Mapper, Services Monitoring, User Input Monitoring (keystroke logger, mouse clicks and coordinates logger), packet capturing (both Ethernet and Wi-Fi) and alert mailing.
  • There is also an authentication mechanism backed by an MSSQL server.

Overview

3 years of professional experience

Links

GitHub repo link for this project:

https://github.com/DilipCNair/RBS

Project portfolio link (OneDrive):

https://1drv.ms/b/s!AtVXrUNZYOgHuTsG94XOyaVjyZp7?e=12XOXl


Reverse Engineering Skills

  • Reversing malware using IDA
  • Binary patching, binary debugging, reversing jumps
  • Looking at the Import table, Export table, Sections, Functions and Strings
  • Locating main; renaming functions, variables and labels and adding suitable comments wherever necessary
  • x86-64 Assembly Language
  • Finding Code and Data Xrefs, analyzing the logic flow using Xref graphs from and to a function
  • Backtracking from suspicious strings or APIs to the beginning of the logic (i.e. main)
  • Finding dynamically resolved APIs; function calling conventions such as Standard Call (stdcall) and Fast Call (fastcall)
  • Following string and register operations
  • Watching a memory location for any change in real time
  • Traversing the API chain to understand the functionality

Malware Analysis Skills

  • Procuring and Analyzing Malware
  • Static and Dynamic Analysis of Malware in a Sandboxed Environment (Windows VM and REMNUX)
  • PE and ELF File Format, Metadata Analysis, Strings Analysis (ASCII and Unicode strings)
  • Analyzing Malicious EXEs as well as DLLs, analyzing Shellcodes
  • Entropy checking in Malware
  • Looking for Encoded strings and Cryptographic Signatures
  • Unpacking Malware using xdbg
  • Dumping unpacked code from xdbg
  • Fixing the dumped code
  • Debugging and Monitoring malware execution using IDA, Signature building using Yara
  • Cryptography, native Win APIs and Linux APIs (POSIX Standards)
  • Operating System Internals and Kali Linux

Penetration Testing

  • Network and Open Ports Enumeration
  • Looking for Vulnerabilities and finding exploits against vulnerabilities
  • Exploiting using public exploits, exploitdb and metasploit
  • Web hacking using burpsuite, exploiting vulnerabilities like XSS, CSRF, SSRF, File Inclusion and Upload, Command Injection etc.
  • Linux Privilege Escalation
  • Catching reverse shells using netcat and Socket Programming

Tools

For Reversing Malware:

File, Trid, DetectItEasy, CFF Explorer, PEiD, PE Studio, PE bear, Resource Hacker, IDA, signsrch, pecli, pehash, peres, xdbg, processhacker, procmon, regshot, Inetsim, fakedns, FakeNet-NG, wireshark, procdot etc.


Penetration Testing Tools:

metasploit, exploitdb, msfvenom, nikto, wpscan, nmap, netcat, burpsuite, nasm, gdb, objdump, strace, ltrace etc.

Work History

Art of Living Volunteer (Social Service)

Art of Living Center - Thuravoor
Alapuzha, Kerala
02.2020 - Current

Participating in and volunteering for the activities for conducting Art of Living courses by Sr. International Teacher Girish Kumar Sir.

Programmer Analyst

Cognizant
Chennai
09.2017 - 01.2018

I was part of a DR testing team (Disaster Recovery testing), where we simulate a disaster and test how an application responds to it. Clients across the world come to us to check how resilient their applications are against any disaster. So we test it, then document the whole process and submit the report to the client.

Education

M.Tech - Information And Network Security

Nirma University
Ahmedabad, GJ
06.2015 - 05.2017

B.Tech - Computer Science And Engineering

University of Calicut
Kozhikode, KL
06.2010 - 05.2014

Timeline

Art of Living Volunteer (Social Service)

Art of Living Center - Thuravoor
02.2020 - Current

Programmer Analyst

Cognizant
09.2017 - 01.2018

M.Tech - Information And Network Security

Nirma University
06.2015 - 05.2017

B.Tech - Computer Science And Engineering

University of Calicut
06.2010 - 05.2014