About me

Mukul Kumar Dhali

Application Security Analyst

Linkedin Profile

Academic Qualifications

• Master of Science in Cyber Security, Grand Canyon University, 2024, Phoenix, Arizona, USA.
• Master of Computer Application, Motilal Nehru National Institute of Technology, Jun 2007, India.
• Bachelor of Computer Application, Burdwan University, 2004, West Bengal, India.

Certifications

• AWS Certified Solution Architect - Associate
• Amazon Web Services Cloud Practitioner
• Qualys Certified Specialist — Web Application Scanning
• Certified SAFe® 6 DevOps Practitioner
• Sun Certified Java professional.
• AWS Certified Cloud Practitioner - Step by Step - 2021(2021-02-13) -
• Learn Ethical Hacking From Scratch (2020-07-06)
• https://zsecurity.org/generated-certificates/CoXqdb0e.png
• Security Awareness Training(2020-07-06)
• The Complete Nmap Ethical Hacking Course: Network security(2020-07-12)
• Certificate: Cybersecurity Attacks (Red Team Activity)(2020-07-18)
• Ethical Hacking & Bug Hunting: Buffer Overflow for Beginners(2020-07-22)
• CompTIA Pentest+ (Ethical Hacking) Course & Practice Exam(2020-07-22)
• Ultimate AWS Certified Could Practitioner - 2020(2020-07-31)
• Jenkin CICD(2020-June-21) -
• Basics of BINDS DNS(2020-June-20)
• AWS Certified Solutions Architect Associate - 2020 [SAA-C02] -- Neal
• AWS-certified-solutions-architect-associate-saa-c02 -- Stephane Mikes
• Handson Penetration Testing Labs 2.0(2020-06-13)
• Certified Secure Web Application Engineer (CSWAE)(2020-06-18)
• Kali Linux Hacking Lab for Beginners(2020-06-22)
• Learn Step by Step Web Hacking and Penetration Testing:(2020-06-22)
• Project Management: Master Project Management - PMP/PMI(2020-06-15)
• Python for Beginners: Learn Python Programming (Python 3)(2020-05-30)
• Java 8 New Features In Simple Way(2020-05-03)
• Java Streams API Developer Guide(2020-May-09)

Tool Knowledgebase

Security

• Scanners and Penetration Testing: Veracode, Fortify, Checkmarx, Metasploit, Burp Suite, Kali Linux.
• Automation: Snyk for SAST and SCA automation; Burp Enterprise and Qualys for DAST automation, Contrast Security for Runtime Application Self Protection (RASP).
• Poster Management: Bionic/CrowdStrick Falcon ASPM, BigID for (DSPM).
• Vulnerability Management: Qualys WAS, Qualys WAS API, Qualys VMDR, Amazon Inspector.
• Security Education Platform: Secure Code Warrior.
• Threat Modeling: Threat Dragon, MS STRIDE, Evil user stories.
• Cloud Security: Jenkins, Wiz, AWS Security Hub, Amazon Trusted Advisor, Amazon GuardDuty, and Amazon Inspector.
• Code Quality: SonarQube
• Agile Tools: Jira, Confluence, Rally, IBM RTC, QC.
• Container: OCP, EKS

AWS

• Cloud Platforms: AWS (Glue, Lambda, Step Functions, EKS, Event Bridge, SQS, SNS, S3, RDS), Kubernetes (EKS, OpenShift), AWS Security Hub, Amazon Trusted Advisor, Amazon GuardDuty, and Amazon Inspector.
• Vulnerability Management: Amazon Inspector.
• Container: EKS.

Best References

OWASP Top 10

• https://owasp.org/www-project-top-ten/

Useful sites:

• https://hunter.io/ - To get the email address from the company domain. This can be used as Chrome plug in as well.
• https://archive.org/web/ - Exiting web crowling.
• https://www.exploit-db.com › google-hacking-database -- Google Hacking Database (GHDB) - Google Dorks, OSINT ...
• https://vulnrepo.com/report/651ff6c6-ce9f-4aaa-8277-9817999415b2 for report preparation.
• https://github.com/infosecn1nja/Red-Teaming-Toolkit
• https://explainshell.com/
• https://bfy.tw/R7rL

Free Cyber Training:

• https://training.fortinet.com/gmd/NP0$
• https://www.vulnhub.com/
• https://www.pentesteracademy.com/
• https://www.hackthebox.eu/

Blog:

• https://soroush.secproject.com/blog/
• https://pentest.blog/art-of-anti-detection-1-introduction-to-av-detection-techniques/

Search Engeen:

• https://duckduckgo.com/

Useful sites:

• https://github.com/infosecn1nja/Red-Teaming-Toolkit
• Good Pen testing site: https://book.hacktricks.xyz/pentesting/pentesting-rdp

Useful videos:

• https://www.youtube.com/watch?v=8a1yTN2kFNw
• https://www.youtube.com/watch?v=qSnPayW6F7U
• https://www.youtube.com/watch?v=Ba3zE2OyK8M

Learn Rubrics

• 2 X 2 Rubiks Cube
• 3 X 3 Rubiks Cube
• 4 X 4 Rubiks Cube