Raja Nagori RAJANAGORI

Hi 👋, I'm Raja Nagori

💼 Currently serving as a Product Security Engineer at Splunk
🎓 Holds a Bachelor's degree in Computer Science and Engineering
🛡️ Specializes in conducting penetration testing for web applications, network applications, and mobile applications (Android and iOS). Proficient in SAST (Checkmarx, Veracode, Sonarqube), DAST (Burpsuite), and Threat Modeling alongside Dev-Sec-Ops
🐳 Expertise includes Docker containerization and creating Docker images for Pentesters with Docker Security
🔧 Leading the development of an open-source tool called Nightingale: Docker for Pentester listed under the OWASP Open Source project list
🎮 Active member of the Hack the Box community, solving new security patches and challenges
📝 Shares insights and knowledge through publications on Medium about security findings, methodologies for identifying vulnerabilities, and mobile application VAPT methodologies
🤝 Dedicated to sharing discoveries with the community and providing assistance to those in need

Languages & Tools:
Cyber Security Skills:
- 🔍 Penetration Testing
- 🛡️ Vulnerability Assessment
- 💻 Web and Network Penetration Testing
- 📱 Android and iOS Application Penetration Testing
- 🛡️ Threat Modeling
- 📝 Source Code Review (SAST)
- 🔒 Authenticated DAST
- 🐳 DevOps: Docker and Docker Security
- 🛠️ Dev-Sec-Ops: CI/CD Integration
- 🤖 Scripting Automation (Shell Scripting and Python)
- 🔐 Operating System Hardening

Cybersecurity Penetration Toolkit on Docker: https://github.com/RAJANAGORI/Nightingale
- Nightingale is a Docker environment for penetration testing, providing a platform-independent toolkit with various tools for vulnerability assessment and penetration testing. It includes tools for web application, network, mobile, API, OSINT, and forensic testing, making it a comprehensive environment for pentesters.
- Technology used: Docker, Python, Bash
Vulnerability Scanner: https://secucode.gitbook.io/
- The secucode GitBook is a vulnerable and mitigated source code directory for understanding Common Weakness Enumeration (CWE) reported vulnerabilities. It provides a comprehensive resource for learning about and addressing security vulnerabilities in software development, helping developers improve the security of their applications.
- Technologies used: Markdown

My Blog on Cyber Security: Regularly updated with articles on latest trends, tutorials, and personal insights into the world of cybersecurity.

Speaking Engagements:
- Presented at:
  - Blackhat Arsenal ASIA 2022
  - OWASP Global AppSec EU 2022
  - Docker Community Hands On #6
  - Blackhat Arsenal MEA 2022 (Shortlisted)
  - Blackhat Arsenal ASIA 2023
  - Blackhat Arsenal MEA 2023 (Shortlisted)
  - Blackhat Arsenal ASIA 2024