- ๐ผ Currently serving as a Product Security Engineer at Splunk
- ๐ Holds a Bachelor's degree in Computer Science and Engineering
- ๐ก๏ธ Specializes in conducting penetration testing for web applications, network applications, and mobile applications (Android and iOS). Proficient in SAST (Checkmarx, Veracode, Sonarqube), DAST (Burpsuite), and Threat Modeling alongside Dev-Sec-Ops
- ๐ณ Expertise includes Docker containerization and creating Docker images for Pentesters with Docker Security
- ๐ง Leading the development of an open-source tool called Nightingale: Docker for Pentester listed under the OWASP Open Source project list
- ๐ฎ Active member of the Hack the Box community, solving new security patches and challenges
- ๐ Shares insights and knowledge through publications on Medium about security findings, methodologies for identifying vulnerabilities, and mobile application VAPT methodologies
- ๐ค Dedicated to sharing discoveries with the community and providing assistance to those in need
Raja Nagori - Linkedin Raja Nagori - Twitter Email me
-
Cyber Security Skills:
- ๐ Penetration Testing
- ๐ก๏ธ Vulnerability Assessment
- ๐ป Web and Network Penetration Testing
- ๐ฑ Android and iOS Application Penetration Testing
- ๐ก๏ธ Threat Modeling
- ๐ Source Code Review (SAST)
- ๐ Authenticated DAST
- ๐ณ DevOps: Docker and Docker Security
- ๐ ๏ธ Dev-Sec-Ops: CI/CD Integration
- ๐ค Scripting Automation (Shell Scripting and Python)
- ๐ Operating System Hardening
-
Cybersecurity Penetration Toolkit on Docker: https://github.com/RAJANAGORI/Nightingale
- Nightingale is a Docker environment for penetration testing, providing a platform-independent toolkit with various tools for vulnerability assessment and penetration testing. It includes tools for web application, network, mobile, API, OSINT, and forensic testing, making it a comprehensive environment for pentesters.
- Technology used: Docker, Python, Bash
-
Vulnerability Scanner: https://secucode.gitbook.io/
- The secucode GitBook is a vulnerable and mitigated source code directory for understanding Common Weakness Enumeration (CWE) reported vulnerabilities. It provides a comprehensive resource for learning about and addressing security vulnerabilities in software development, helping developers improve the security of their applications.
- Technologies used: Markdown
- My Blog on Cyber Security: Regularly updated with articles on latest trends, tutorials, and personal insights into the world of cybersecurity.
- Speaking Engagements:
- Presented at:
- Blackhat Arsenal ASIA 2022
- OWASP Global AppSec EU 2022
- Docker Community Hands On #6
- Blackhat Arsenal MEA 2022 (Shortlisted)
- Blackhat Arsenal ASIA 2023
- Blackhat Arsenal MEA 2023 (Shortlisted)
- Blackhat Arsenal ASIA 2024
- Presented at: