mukul975

Runtime iOS app security testing with Objection (Frida): inspect keychain and filesystem data, explore app internals at runtime, and validate/bypass client-side protections during authorized mobile assessments.

Queries Azure Monitor activity logs and sign-in logs via azure-monitor-query to detect suspicious administrative operations, impossible travel, privilege escalation, and resource modifications. Builds KQL queries for threat hunting in Azure environments. Use when investigating suspicious Azure tenant activity or building cloud SIEM detections.

Performs Linux memory acquisition using LiME (Linux Memory Extractor) kernel module and analysis with Volatility 3 framework. Extracts process lists, network connections, bash history, loaded kernel modules, and injected code from Linux memory images. Use when performing incident response on compromised Linux systems.

Parse Windows PowerShell Script Block Logs (Event ID 4104) from EVTX files to detect obfuscated commands, encoded payloads, and living-off-the-land techniques. Uses python-evtx to extract and reconstruct multi-block scripts, applies entropy analysis and pattern matching for Base64-encoded commands, Invoke-Expression abuse, download cradles, and AMSI bypass attempts.

Create forensically sound bit-for-bit disk images using dd and dcfldd while preserving evidence integrity through hash verification.

Detect dangerous ACL misconfigurations in Active Directory using ldap3 to identify GenericAll, WriteDACL, and WriteOwner abuse paths

Perform static analysis of Android APK malware samples using apktool for decompilation, jadx for Java source recovery, and androguard for permission analysis, manifest inspection, and suspicious API call detection.

Parses API Gateway access logs (AWS API Gateway, Kong, Nginx) to detect BOLA/IDOR attacks, rate limit bypass, credential scanning, and injection attempts. Uses pandas for statistical analysis of request patterns and anomaly detection. Use when investigating API abuse or building API-specific threat detection rules.

Nigeria Data Protection Regulation (NDPR) and Nigeria Data Protection Act (NDPA) 2023 compliance. Covers lawful basis for processing, data subject rights, cross-border transfer mechanisms, Data Protection Compliance Organisation (DPCO) registration, mandatory DPIA filing, and breach notification. Keywords: NDPR, NDPA, Nigeria, NITDA, DPCO, Africa data protection, cross-border transfer.

Implements compliance with South Africa's Protection of Personal Information Act (POPIA), Act No. 4 of 2013. Covers conditions for lawful processing, data subject rights, cross-border transfer restrictions, Information Regulator enforcement, and responsible party obligations. Keywords: POPIA, South Africa, Information Regulator, responsible party, operator, prior authorisation.

Tracks and monitors US state privacy legislation across all 50 states, DC, and territories. Covers enacted comprehensive privacy laws (California CCPA/CPRA, Virginia VCDPA, Colorado CPA, Connecticut CTDPA, Utah UCPA, and subsequent enactments), pending bills, effective dates, and key requirement differences. Keywords: state privacy law, CCPA, CPRA, VCDPA, CPA, CTDPA, UCPA, multi-state.

Implements compliance with Turkey's Personal Data Protection Law (Kisisel Verilerin Korunmasi Kanunu, KVKK, Law No. 6698). Covers data controller obligations, data subject rights, VERBIS registration, cross-border transfer restrictions, Board decisions, and administrative fines. Keywords: KVKK, Turkey, VERBIS, data controller registry, Board decision, cross-border.

Implements compliance with the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (UAE PDP Law) and its Executive Regulations. Covers data controller and processor obligations, data subject rights, cross-border transfer requirements, sensitive data processing, and UAE Data Office enforcement. Keywords: UAE PDP, Federal Decree-Law 45, UAE Data Office, DIFC, ADGM, cross-border transfer.

Maps the US federal privacy landscape including sectoral laws (HIPAA, GLBA, FERPA, COPPA, FCRA, ECPA, VPPA), FTC Section 5 enforcement, proposed federal comprehensive legislation, and the interaction between federal and state privacy regimes. Keywords: federal privacy, HIPAA, GLBA, FERPA, COPPA, FCRA, FTC, sectoral, preemption.

Configuring Google Consent Mode v2 for privacy-compliant measurement and advertising. Covers default and update commands, consent state mapping to GA4 and Google Ads, conversion modeling with cookieless pings, and EEA requirements effective March 2024.

Guides privacy audit evidence collection processes including evidence planning, sampling strategies, documentation standards, chain of custody, interview techniques, system walkthrough procedures, and evidence evaluation. Covers ISO 19011 evidence categories (records, statements of fact, observations) and ISACA audit evidence requirements for privacy compliance assessments. Keywords: audit evidence, evidence collection, sampling, chain of custody, audit documentation, interview techniques.

Active Directory attack reference — BloodHound Cypher queries, Kerberos attack decision tree, ACE/ACL abuse, ADCS ESC1-8, and AD misconfig checklist

Exploit-DB and searchsploit reference — EDB→Metasploit module mappings, PoC reliability rubric, CVSS tier quick reference, and searchsploit usage patterns

MITRE ATT&CK framework reference — tactics, techniques, and tool-to-TTP mappings for pentest documentation and detection rule writing

CVSS 3.1 vector examples, executive summary template, full technical finding template, and remediation language bank for pentest reports

SecLists path map, hashcat rules, CeWL usage, and custom wordlist generation for all attack categories