Pooja Somu
Currently working in the MDR Threat Analyst team, analyzing events and threat hunts, and trying to automate the problematic parts using Python.

Prior experience includes VMware Carbon Black, Microsoft Defender ATP (EDRs), and Qradar.

Familiar with analyzing malware executables, maldocx, malicious PowerShell scripts, malicious Visual Basic scripts, malicious DLLs, curl- and Golang-based malicious executables, and ransomware using PEview, PEStudio, Procmon, dnSpy, scdbg, oledump, Wireshark, Cutter, x64dbg and x32dbg, and MobSF.

Also doing some Python automation with modules such as Selenium. I'm not a professional coder, but I'll keep pushing myself to learn and to automate tedious and time-consuming tasks in a simple way.

Also, I spend time every day learning about new threats and other cybersecurity platforms such as Nessus, Qualys, Red Team tools such as Cobalt Strike, and so on. My weekend plans include performing some pen testing on real web applications, reporting bugs, and performing malware analysis.

Furthermore, doing some Windows forensics activities like investigating BAM, ShellBags, UserAssist, registry analysis, MFT, USN Journal, $J, Amcache, Shimcache, memory analysis, etc. with different forensics tools.

Researching and programming EDR/AV evasion methods such as API hooking, unhooking, the event tracing API, module stomping, etc., to test how EDRs defend against APTs and how effective EDR is in the security world.

PROFESSIONAL IN CATCHING THE PEN TEST made by the customer while investigating the alerts, so I got the nickname Pentest Catcher.
