GitHub: https://github.com/alt-glitch

Twitter: https://twitter.com/sidbing

LinkedIn: https://www.linkedin.com/siddharth-balyan

Experience

Research Intern @ IMDEA Software Institute, Madrid

  • July 2022 - May 2023
  • Researched large-scale security analysis, specifically security vulnerabilities in websites and cookies in the context of the Public Suffix List.
  • Advised by Dr. Juan Caballero and Dr. Srdjan Matic.

Security Research Intern @ CloudSEK, Bangalore

  • February 2022 - May 2022
  • Successfully ran an entire phishing campaign solo by exploiting a chained DMARC and Mailchimp vulnerability. Harvested over 20 credentials and delivered a talk and report on the vulnerability.
  • Created a module for discovering the services and technologies of a website using signatures and integrated it into the web application scanner framework of the product, leading to better enumeration.
  • Worked on automating internet-wide scans for the Log4Shell vulnerability by fuzzing URL parameters and headers from internal datasets. Updated the scan code for more resiliency, leading to the discovery of 100+ exploitable Log4Shell instances.
  • Carried out security research for two overseas leads and one domestic lead, preparing over 15 security reports, and achieved technical closure for all of them.

Red Team Security Research Intern @ FireCompass, Remote/Bangalore

  • July 2021 - January 2022
  • Responsible for conducting research to find new red teaming methodologies for network reconnaissance.
  • Took part in three red teaming engagements, primarily tasked with carrying out large-scale network reconnaissance. Also took part in phishing campaigns and in testing Android applications.
  • Built net-z and nelk-z, fast network and port scanner applications based on zmap and its integration with Elastic Stack to ingest the scans periodically in order to view historical network data.

Projects and Research

Understanding and Exploiting Zerologon: Research Paper

  • This paper aims to explain the details and workings of the MS-NRPC protocol and its vulnerability, and finally covers how to exploit it by modifying the existing proof of concept published by Secura, based on a reading of Microsoft’s documentation on the protocol.

IMSI Sniffer: Research Project

  • A project researching the GSM communication protocol and its workings, its inherent vulnerabilities, and exploitation methodologies. It then discusses how to develop an IMSI sniffer and how one could lead to large-scale collection of user behavior using Splunk as a data aggregation tool.

The R.A.T in the Shell: White Paper

  • This whitepaper is an analysis of the network breach into the Kudankulam Nuclear Power Plant in Oct 2019 as seen through the lens of the Cyber Kill Chain, the study of remote access trojans, and the targeting of critical infrastructure. It discusses public infrastructure security and the role it plays in state-based hacks.

Open-Source Efforts

  • Amass: An attack surface mapping and network/web discovery tool for security professionals.
    • Added a new third-party API source for subdomain enumeration.
  • Subfinder: A fast subdomain enumeration tool.
    • Added a new third-party API source for subdomain enumeration.
  • mitmproxy:
    • Minor bug fix.

Education

Undergraduate Course (2019-2023) Sushant University, India - B.Tech, Computer Science with Specialization in Cyber Security

  • Graduation: July 2023
  • GPA: 9 (out of 10) Final Semester