Hello, World

I'm Mohit Aphale

Researcher. Builder. Hacker. Traveller

More About Me
Tools of Trade

Things I am good at

Secure by Design

Establishing cross departmental secure development, technical roadmaps and technology adoption oversight. Providing support to product teams charged with design and development of secure applications, systems and software for automotive controllers and supported infrastructure which includes Web Application, APIs.

Automotive Security

Currently I am working with Automotive OEM's, Suppliers and Tier-1 company to setup Cybersecurity Process (SAE J3061 / ISO 21434) by perfoming gap analysis on exiting process and methodologies
I perform Threat Analysis and Risk Assessment and derive implementable security requirements and verify implementation by conducting security analysis on System level. I also perform Penetration testing on Automotive Devices.

Security Testing

My first security experience was solving a CTF and finding SQL Injection on a public portal. Penetration Testing and Secure Code Analysis are my daily driver. I have experience performing Penetration testing on Embedded Devices, Web Applications, Hosts, Infrastructure, Thick Clients.

Embedded Security testing

Attacks on JTAG, individual ECU functions such as OTA software updates, feature activation or diagnostics, privilege escalation, hardening, in-car apps/services (e.g. navigation services) Analysis of CAN bus, onboard diagnostics and communication technologies (fuzzing of UDS communication), Attacks on media interfaces (USB, Ethernet, WLAN), multimedia functions (e.g. attacks via manipulated MP3 files), other connections such as NFC, Bluetooth, SD card

Tools and Languages

I have experience with wide varienty of tools and programming languages. My favourite is Python. I have also written programs in JAVA, PHP, Javascript and C. For security testing I have working experience with Kali Linux, Nexpose, Coverity, Synopsys Defensics, HPWebInspect, Wireshark, Binwalk, Radar2, wFuzz, AFL, Radar2, nmap, Ubertooth, WifiPineapple, sqlmap and more... I like to automate and code in python.

Secure Code review

I am proficient in secure code review (PHP, JAVA and getting my hands dirty on C, C++). I provide Tech Talks on Security topics and educate my fellow developers about security concepts and guide them about secure coding practices hearby establishing cybersecurity culture.

About

Let me introduce myself.

Profile Picture

I'm a Senior Security Specialist at Elektrobit India. I have 7+ years of experience in Cyber Security domain. This includes 4 years in Application and Infrastructure Security, 4 years in Embedded Security (IoT, Automotive domain) and 2.5 years of Freelancing in Security testing. I'm located in Bangalore, India

Key Skills

  • SECURE BY DESIGN
  • Penetration Testing
  • IoT / Automotive Security
  • Web Application Security
  • CRYPTOGRAPHY
  • Python Programming
Resume

More of my credentials.

Work Experience

May 2020 - Present

Elektrobit Automotive GmbH

Cybersecurity Expert

Sept 2017 - Dec 2019

Visteon Corporation

Embedded Security Engineer

April 2015 - May 2017

Aujas Networks

Security Consultant

Jan 2015 - Present

Freelancing

Penetration testing, Bug Bounty

March 2014 - Jan 2015

Nanoheal

Product Engineer

Education

Aug 2013 - Jan 2014

C-DAC Bangalore

Post Graduate Diploma in Cyber Security

2009 - 2013

LNCT-S Bhopal

Bachelor Degree in Information Technology

Contact

I'd Love To Hear From You.

Email Me At

mohitaphale@gmail.com