IoT Security ⚡️ Mr-IoT
Profile
Welcome to the domain of Mr-IoT, a hub where open-source IoT security knowledge flourishes. Since 2017, I've been at the forefront of pioneering IoT security through the development of the ICE-Bites, IoT pentesting OS, creating curated lists, and publishing insightful blogs, alongside fostering the vibrant iotsrg.org community community across Reddit, Telegram, and Discord. Known for transforming complex IoT security challenges into accessible, actionable knowledge, my mission is to empower, educate, and unite cybersecurity enthusiasts and professionals alike. Dive into this platform to explore resources, insights, and a community dedicated to securing the interconnected world, all curated by someone who lives and breathes IoT security. Join us in shaping a safer digital future.

Experience

Sr. IoT Security Engineer at Crestron Electronics

Feb-2019 to Present, Bangalore, IN

  • Firmware security and Hardware Security.
  • Embedded application security and IoT mobile apps IoT Protocols Security Testing.
  • Secure boot testing and Reverse engineering.


    • Security Consultant at Aujas Networks Pvt Ltd

    Jun-2018 to Feb-2019, Bangalore, IN

  • Firmware security and hardware security analysis to identify and mitigate potential threats.
  • Performed reverse engineering tasks to uncover vulnerabilities and enhance system security postures.
  • Handling IoT/OT projects, leading to improved security practices and protocols.
  • Conducted internal and external assessments of API, IoT devices, and hardware to ensure compliance with industry security standards.
  • Performed mobile application and web application penetration testing to identify vulnerabilities and recommend mitigation strategies.


    • Security Consultant at iSecurion Technology and Consulting Pvt Ltd

    Mar-2017 to Mar-2018

  • Conducted comprehensive security assessments across various platforms.
  • Developed and delivered detailed project reports and presentations.
  • Performed penetration testing in line with OWASP Top 10 for IoT, web, and mobile apps.


    • Independent Security Consulting at Freelancing

    Sep-2015 to Feb-2017

  • Specialized in pentesting IoT devices.
  • Managed VAPT projects for web, mobile, and network security.
  • Identified and addressed network security concerns for clients.


    • Security Engineer at Cartel Software Pvt Ltd

    Feb-2015 to Sep-2015

  • Provided ethical hacking training and risk assessment tools coordination.
  • Contributed to information security blogs with research and writing.
  • Supported multiple platforms and applications in a system administration role.


    • Speaker

    Keynote Speaker at Bsides Dehradun - 2024

    Bsides Dehradun Security Conference 2024

    Advancing IoT Security: Exploring the IIC IoT Security Maturity Model

    IoT Security Foundation Bangalore Chapter Meetup

    Understanding and Exploiting 433MHz Speaker at p0scon

    Issued by p0scon - Oct 2019

    All Null Talks

    Null Bangalore


    CVE

    CVE-2020-23512

    Issued by MITRE · Jun 2020

    CVE-2018-12255

    Issued by MITRE · Jun 2018

    CVE-2018-11339

    Issued by MITRE · May 2018


    Workshops/Villages

    Hardware Security 101 Workshop

    Craccon-Delhi-Jan-24

    Mastering IoT Security Workshop

    Seasides-Goa-Sep-23

    IoT Hacking and Security Village

    c0c0n@16-Cochin-Oct-23

    Publications

    Internet of Things Penetration Testing OS

    Hakin9 · Feb 2, 2020

    Hunting IoT Devices with NetHunter: PART 1

    Hakin9 · Feb 1, 2019

    IoT Security essentials 101

    Pentest Magazine · Nov 1, 2017


    HOF

    nobroker.in Open Redirect Vulnerability

    Issued by Open Bug Bounty · Dec 2020

    Hall of Fame - Netgear - p1

    Visit Netgear Kudos Hall of Fame

    Responsible Disclosure - UnderArmour - P1 bug

    Visit UnderArmour Hall of Fame

    Thanks received for Bug reported in International Islamic University Chittagong

    Issued by HackerOne · Oct 2017



    Certifications
    Skills
    • Hardware Security
    • SideChannel Attacks
    • Glitching & Fault Attacks
    • Firmware RE
    • Android/iOS
    • Wi-Fi
    • Bluetooth
    • Zigbee
    • Lora
    • Embedded AppSec
    • Plugin
    • Scripting
    • Embedded C
    • Bash
    • Python
    • Rust
    • OS Concepts
    • Linux
    © 2024 Mr-IoT