Suraj Prakash

Suraj Khetani (@funkyfreestyler) is a security consultant working with Gulf Business Machines having experience in performing network & web app penetration tests, social engineering assessments, configuration audits and security architecture reviews. He has been acknowledged and awarded by Oracle for finding multiple 0-days in Oracle E-business suite and Netgear respectively. He can be contacted at surajpk(dot)bughunting(at)hotmail(dot)com and reached on linkedin at https://www.linkedin.com/in/suraj-khetani-0483a34a/

Penetration testing June 15, 2017 Suraj Prakash

NAC-hacking – Bypassing network access control

Conducting internal network penetration tests is always fun. There are vulnerabilities that easily help me to get to "keys of the kingdom" i.e. domain admin....

Penetration testing May 5, 2017 Suraj Prakash

Misconfigured WAFs: Bypassing Broken Access Controls Protection

In this article, I will look to build upon the previous article I wrote on finding zero-day vulnerabilities in Oracle e-business suite. The link can be found...

CISSP April 11, 2017 Suraj Prakash

Social Engineering: Compromising Users with an Office Document

A recent trend shows that social engineering is the most commonly used attack vector by hackers to compromise organizations. Largest of the organizations have...