Avatar

Mayank Malik

CRTP | Incident Responder | Synack Red Team Member | Threat Analyst | Security Researcher | Cloud/Network Architect

Muzaffarnagar, Uttar Pradesh

Biography

Mayank Malik is a tech savvy person, Red Team Enthusiast, and likes to wander around to learn new stuff. Cryptography, Networking and System Administrations are his forte. He’s one of the Founding Members for CTF Team, Abs0lut3Pwn4g3, and Core Member at DC 91120 (DEFCON Community Group). Apart from the mentioned skills, he’s good at communication skills and is goal oriented person. Yellow belt holder at pwn.college in pursue of learning and achieving Blue Belt.

Interests

  • Computer Networking
  • Pentesting
  • Cryptography
  • Reverse Engineering
  • Exploit Development (Still learning)
  • Hardware
  • PIZZAS

Education

  • School, 2017

    Shardein School

  • B.Sc. (Hons) in Computer Science, 2020

    College of Vocational Studies, University of Delhi

Posts

HTB Writeup: Nest

Enumeration nmap # Nmap 7.92 scan initiated Thu Jun 30 18:27:50 2022 as: nmap -sC -sV -T3 -oA nmap-tcp-all-ports -p- -iL ip.txt Nmap scan report for 10.129.134.93 (10.129.134.93) Host is up (0.085s latency). Not shown: 65533 filtered tcp ports (no-response) PORT STATE SERVICE VERSION 445/tcp open microsoft-ds? 4386/tcp open unknown | fingerprint-strings: | DNSStatusRequestTCP, DNSVersionBindReqTCP, Kerberos, LANDesk-RC, LDAPBindReq, LDAPSearchReq, LPDString, NULL, RPCCheck, SMBProgNeg, SSLSessionReq, TLSSessionReq, TerminalServer, TerminalServerCookie, X11Probe: | Reporting Service V1.

HTB Writeup: Monteverde

Enumeration nmap scan Starting Nmap 7.92 ( https://nmap.org ) at 2022-06-29 17:45 IST Nmap scan report for 10.129.134.71 (10.129.134.71) Host is up (0.076s latency). Not shown: 65516 filtered tcp ports (no-response) PORT STATE SERVICE VERSION 53/tcp open domain Simple DNS Plus 88/tcp open kerberos-sec Microsoft Windows Kerberos (server time: 2022-06-29 12:17:20Z) 135/tcp open msrpc Microsoft Windows RPC 139/tcp open netbios-ssn Microsoft Windows netbios-ssn 389/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: MEGABANK.

HTB Writeup: Mango

Enumeration nmap ➜ [email protected] Mango please nmap -sC -sV -T3 -oA nmap-tcp-all-ports -p- -iL ip.txt Starting Nmap 7.92 ( https://nmap.org ) at 2022-06-28 04:59 IST Nmap scan report for 10.129.1.219 (10.129.1.219) Host is up (0.080s latency). Not shown: 65532 closed tcp ports (reset) PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 a8:8f:d9:6f:a6:e4:ee:56:e3:ef:54:54:6d:56:0c:f5 (RSA) | 256 6a:1c:ba:89:1e:b0:57:2f:fe:63:e1:61:72:89:b4:cf (ECDSA) |_ 256 90:70:fb:6f:38:ae:dc:3b:0b:31:68:64:b0:4e:7d:c9 (ED25519) 80/tcp open http Apache httpd 2.

HTB Writeup: Phoenix

Enumeration nmap ➜ [email protected] Phoenix please nmap -sC -sV -T3 -oA nmap-tcp-all-ports -p- -iL ip.txt [sudo] password for mostwanted002: Starting Nmap 7.92 ( https://nmap.org ) at 2022-06-26 19:50 IST Nmap scan report for 10.129.133.247 (10.129.133.247) Host is up (0.075s latency). Not shown: 65532 closed tcp ports (reset) PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.4 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 3072 9d:f3:87💿34:75:83:e0:3f:50:d8:39:c6:a5:32:9f (RSA) | 256 ab:61:ce:eb:ed:e2:86:76:e9:e1:52:fa:a5:c7:7b:20 (ECDSA) |_ 256 26:2e:38:ca:df:72:d4:54:fc:75:a4:91:65:cc:e8:b0 (ED25519) 80/tcp open http Apache httpd |_http-server-header: Apache |_http-title: Did not follow redirect to https://phoenix.

HTB Writeup: Forest

Enumeration nmap scan ➜ [email protected] Forest please nmap -sC -sV -T3 -oA nmap-tcp-all-ports -p- -iL ip.txt [sudo] password for mostwanted002: Starting Nmap 7.92 ( https://nmap.org ) at 2022-06-23 18:24 IST Nmap scan report for 10.129.95.210 (10.129.95.210) Host is up (0.074s latency). Not shown: 65512 closed tcp ports (reset) PORT STATE SERVICE VERSION 53/tcp open domain Simple DNS Plus 88/tcp open kerberos-sec Microsoft Windows Kerberos (server time: 2022-06-23 13:01:56Z) 135/tcp open msrpc Microsoft Windows RPC 139/tcp open netbios-ssn Microsoft Windows netbios-ssn 389/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: htb.

Skills

C/C++

Python

Java

GOLang

Docker

PHP

Linux System Administration

Network Administration

Reverse Engineering

Exploit Development

Google Cloud Platform

Amazon Web Services

Wordpress

MySQL

Cryptography

Adobe Photoshop

Adobe Premier

Adobe AfterEffects

Adobe Illustrator

Experience

 
 
 
 
 

Incident Responder

Certego

Nov 2021 – Present Italy
 
 
 
 
 

Threat Analyst

Netenrich

Dec 2020 – Nov 2021 India
 
 
 
 
 

Security Researcher

Synack Red Team

Dec 2020 – Present India
 
 
 
 
 

Senior Advisory

ENCRYPT - The Tech Society of College of Vocational Studies

Apr 2019 – Apr 2020 University of Delhi, Delhi
 
 
 
 
 

Core Member

DC 91120 (DEFCON Community Group)

Mar 2019 – Present Delhi, India
 
 
 
 
 

Design & Technology Head

TEDxCVS

Feb 2019 – Mar 2019 University of Delhi, Delhi
 
 
 
 
 

Design & Technology Member

TEDxCVS

Feb 2019 – Mar 2019 University of Delhi, Delhi
 
 
 
 
 

Founding Member

Abs0lut3Pwn4g3

Oct 2018 – Present India
 
 
 
 
 

Design & Technology Head

ENCRYPT - The Tech Society of College of Vocational Studies

Aug 2017 – Apr 2019 University of Delhi, Delhi
 
 
 
 
 

Design & Technology Member

ENACTUS CVS

Aug 2017 – Mar 2019 University of Delhi, Delhi

Accomplishments

Architecting with Google Kubernetes Engine: Production

See certificate

Architecting with Google Kubernetes Engine Specialization

See certificate

Architecting with Google Kubernetes Engine: Workloads

See certificate

Architecting with Google Kubernetes Engine: Foundations

See certificate

Autopsy 8-Hour Online Training

See certificate

Machine Learning

See certificate

Architecting with Google Cloud Platform Specialization

See certificate

Google Cloud Platform Fundamentals: Core Infrastructure

See certificate

Essential Cloud Infrastructure: Foundation

See certificate

Essential Cloud Infrastructure: Core Services

See certificate

Elastic Cloud Infrastructure: Scaling and Automation

See certificate

Elastic Cloud Infrastructure: Containers and Services

See certificate

Reliable Cloud Infrastructure: Design and Process

See certificate

Elastic Cloud Infrastructure: Containers and Services

See certificate

Projects

*

RFFuzzer

A SSRF Detection tool to identify web URLs vulnerable to SSRF via HTTP Header Injection.

Exfiltrace

A data exfiltration server-client app.

Datanoid

A multilevel Data-Encryption Tool.

File Encryptor 1.0

A File Encryption tool written in JAVA

Root The Box framework

A CTF framework(in flask) for HackTheBox style machines.