Abhishek J M

@HawkSpawn [email protected]

Mobile Security Enthusiast from India | Alumnus from Amrita Vishwa Vidyapeetham | Open Source Evangelist | Hip Hop & Poetry @revokensoul | Avid admirer of Science Fiction, Cosmology and Time Travel | Loves everything on Wheels | Best friends with Python and Java | Professional Tea and Coffee Drinker | Project Lead @ ADHRIT & EVABS | CTF @ Team bi0s


Events

Application Security

CRED

Mobile application security testing and automation at CRED, one of the India's prominent startups. CRED is the most rewarding, members-only credit card payment app offering unmatching rewards from exclusive brands for paying credit card bills

Sept 2019 - Present

Trainer at 7ASecurity

c0c0n - Hacking & Cyber Security Briefing, 2019

Conducted a 2-day, extensively hands-on training in Android and iOS application security at c0c0n 2019 International Conference, as a part of 7ASecurity

September 2019

Mobile Security CTF Team Lead

Team bi0s

Lead the CTF mobile security team of Team bi0s at Amrita Vishwa Vidyapeetham, Amritapuri

August 2014 - Present

Speaker at OWASP Seasides

OWASP Seasides 2019

Presented my open source Android reversing and analysis suite ADHRIT at OWASP Seasides (Open Web Application Security Project) International Conference, 2019 held at Goa, India

March 2019

University Gold Medalist

Amrita Vishwa Vidyapeetham

Secured #1 position in bachelors in computer applications degree across 3 campuses of Amrita Vishwa Vidyapeetham (9.85 GPA)

September 2017

Trainer at ISSISP

ISSISP 2016

Teaching assistance for Android security workshop at ISSISP (International Summer School for Information Security and Protection) 2016

August 2016

Nationally #1 - Google CTF

Google CTF 2016

Secured #1 position nationally in Google CTF 2016

August 2016

CVE 2015-5612

October CMS

CVE 2015-5612 assigned for reporting Stored XSS vulnerability in October CMS

July 2015

Projects

ADHRIT

Android Application Security Suite
Open source Android application security tool emphasizing compactness and flexibility along with speed and ease of setup. Adhrit offers features like source code extraction, manifest analysis, URL extraction and automated ADB payload generation. The tool is an effort to cut down on the amount of time spent on reversing and basic reconnaissance of Android applications. It is widely accepted in the community and presented at conferences like OWASP Seasides, Threatcon and Cysinfo
April 2016 - Ongoing

EVABS

Extremely Vulnerable Android Labs
An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners. The effort is to introduce beginners with very limited or zero knowledge to some of the major and commonly found real-world based Android application vulnerabilities in a story-based, interactive model. EVABS follows a level-wise difficulty approach and in each level, the player learns a new concept. This project is still under progress and aims at incorporating as many levels as possible.
May 2017 - Ongoing

DroXES

Droid eXploitation Environment Setup
A simple script to install the most necessary tools for security testing on your Android device/emulator and also to setup the host Linux system with all the required dependencies.
May 2017 - Ongoing

Social Outreach

Cyber Gurukulam

Team bi0s & Amrita Centre for Cybersecurity Systems

Conducted a week-long cybersecurity workshop for high school students from all across India. The workshop focused on creating an awareness about cybersecurity amongst the younger school-going students and getting them interested in cybersecurity as a career

May 2016

Cyber Security Workshop for Rural School Students

Team bi0s & Andhra Pradesh Government

Conducted a 2 week-long cybersecuity workshop for rural school students of Andhra Pradesh as a part of government initiative

June 2016

BIKOS Workshop

Team bi0s & BIKOS

Conducted a 2 day workshop in collaboration with BIKOS initiative for high school students to create awareness about cyberspace crimes and issues

August 2017

Updates