About


I am passionate about Cyber Security, with 18 years' experience in several industries (e.g. Oil and Gas, Software Development, Banking and Aviation). My expertise is Penetration Testing, Threat Hunting and Malware Analysis.


  1. Penetration testing for the banking industry, covering Core Banking, SMS Banking, Transaction Switching, Payment Gateway, Mobile Banking, Online Banking, Online Trading and various card applications. Segmentation testing for PCI requirements.
  2. Malware and exploit research and analysis for common and targeted attacks on the Oil & Gas and Banking industries.
  3. Security code review for Python, PHP, C#, Java and C++.
  4. Threat hunting in Oil & Gas and Banking industry environments. Analysis of logs from several sources such as WAF, Firewall, IDPS, Web Application Server, Windows/Linux security event logs and Internet Proxy.
  5. Threat modeling and threat use cases for banking applications using the OWASP and PASTA frameworks.
  6. Development of security automation applications with Python and C#.
  7. Technical team leader for a CSOC, managing personnel from various backgrounds such as SIEM, SOC Analyst, Network Security, Public Key Infrastructure and Software Development.
  8. Project manager for cyber security software development and security device deployment and implementation.
  9. SIEM QRadar log onboarding, CRE (Custom Rule Engine), development of new building blocks and AQL queries. Splunk log index queries.
  10. Amazon Web Services infrastructure (EC2, Fargate, S3 buckets, Load Balancer, inter-region connections and VPN tunnels to the enterprise network).
  11. Cyber Security Architect for an energy company, member of the Change Advisory Board, developing various procedures, guidelines, best practices, secure network designs and secure software designs.
  12. In-depth understanding of the following:
    1. Hacking and Malware Analysis Tools: Burp Suite, Acunetix, Kali Linux, IDA Pro, x64dbg, Hex Editor, Visual Studio, PyCharm, Autopsy and VMware ESXi
    2. Firewall: Check Point, Palo Alto, pfSense, NGINX and F5 Web Application Firewall
    3. Proxy: Blue Coat Proxy
    4. Antivirus/EDR: Symantec, CrowdStrike, Cylance and SentinelOne

7 comments

  1. Hello Mr. Activiti,

    I am trying to integrate the workflow with my Struts-Spring based application.
    Can you please show me a short step-by-step (text demo), like: self-registration page for users -> submitted for approval -> approved/ignored -> saved in legacy database / form dropped.
    Actually, where I am facing a problem is:
    after converting a web development project to a Maven project,
    I tried to introduce the .bpmn file, application context-spring.xml, pom.xml and related dependencies,
    but I am facing multiple errors relating to the m2Eclipse version and "form not found".
    I also tried to follow your blog of 26th Jan 2013, but again the same.
    So, kindly help me out in this integration process.

  2. Hello rioasmara, I've gone through your blog posts; those are some high-level knowledge, thank you for such knowledge sharing. I want to understand a proper approach on how to make tailor-made malware to protect my company by constantly checking the worth of EDRs and other solutions.

    Please let me know if you have some good material repositories or anything; do let me know.

    Thanks

    1. Hi,
      The first approach is to understand your EDR configuration. Some EDRs become less effective at detecting malware because of misconfiguration, where you will find default configuration, wrong customization, whitelists here and there, and so on.

      The second approach is that you have to understand the behaviour of your EDR product. Nowadays, EDRs use a combination of multiple sources of information during analysis, such as Windows API calls, static analysis, process tree, interaction with other processes, network activities, DLL loading, interaction with the OS, etc. So there will be no single way to bypass all EDRs. You will find that your EDR prioritizes only some of this information for analysis compared to the rest, to optimize detection time.

      The third approach is to keep updated with the latest APT techniques and research on Windows APIs (a lot of undocumented Windows APIs are being abused), if you are testing Windows-based malware.

      The fourth approach is to continuously adjust the EDR configuration following the dynamics of your environment and the latest types of attack.

  3. Hey! Impressive work maintaining this for the last 10 years. Curious if you've considered monetization with a display ad layout before.

  4. Hi Rio, please reach out to me regarding your post in relation to “COBALTSTRIKE DNS BEACON LAB SETUP”. I have also sent you a connection request on LinkedIn. Thank you.
