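Self-introduction
Hey, I’m Hilda (a.k.a. 希尔达), an incoming cybersecurity master’s student who “can’t fix computers but can still play games”, admitted to Southeast University in 2024.
As an undergraduate at Nanjing University of Information Science and Technology, I did reasonably well. I’m familiar with computer networks, data structures and algorithms, and I know web vulnerabilities such as SQL injection, XSS and CSRF inside out. I also have a very long skill list, xxxxxx, “almost” a one-stop service!
As for project experience, I developed a “security situational awareness system” on my own, which is just an intuitive interface that shows you network activity and security events. With this system you can easily defend against all kinds of attacks, and I can sit back in the cloud and stay on watch (over my own locally built practice range; okay, experts, stop laughing). My other projects are almost all Java-based.
Work experience? Yes, I briefly worked as a penetration testing engineer for the security department of the Yangzhou Municipal Tax Service, State Taxation Administration. In that short month I not only completed a series of penetration tests and vulnerability scans but also optimized the emergency response process. Speaking of which, I suddenly get a bit of that “one day of national network defense (护网), a lifetime of national network defense” feeling (???).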
Certificates/Skills
CET4 (615 points), CET6 (534 points), CISP-PTE (National Registered Information Security Penetration Testing Engineer certification)
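Security
- Familiar with the principles of common web vulnerabilities, such as SQL injection, file upload, XSS, CSRF, file inclusion, SSRF, XXE, RCE, deserialization vulnerabilities, unauthorized access, logic flaws, CAPTCHA bypass, etc.
- Familiar with tools such as Metasploit+Cobalt Strike, AWVS, AppScan, Nessus, Burpsuite, sqlmap, Godzilla (哥斯拉), binwalk and foremost
- Familiar with reproducing vulnerabilities in middleware and some mainstream frameworks and understanding their principles; in the habit of reproducing vulnerabilities, reading source code and promptly collecting fingerprints; understand bypass techniques.
- Familiar with computer networks and other computer fundamentals; interested in CTF-MISC; familiar with cryptography, steganography, file separation and merging, and traffic analysis; able to write Python scripts to crack steganography.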
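Other
- Familiar with HTML, CSS, Javascript, VUE, Ajax, Node, Java SE, Java EE, Git, MySQL, PHP, Python, Maven, Spring, Spring Boot, Redis, RabbitMQ, Dubbo, etc.; familiar with multithreading and high concurrency; proficient in using Git and GitHub for team development
- Familiar with Mongodb, Oracle, Redis and kotlin; have a working knowledge of the JVM and Java design patterns; love grinding algorithm problems on leetcode (??)
- Have a working knowledge of Linux system security; committed to contributing to open source communities such as GitHub and stackoverflow; strongly interested in attack and defense security techniques; innovative, with a good attitude to learning; love reading technical books and framework source code; diligent about writing blog posts to summarize what I learn; able to proactively learn the latest technologies.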
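Hobbies
- Besides technology, I’m also a loyal follower of political and military news, and I especially enjoy talking about major events like the Russia-Ukraine war.
- Hiking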
GitHub
If you’re interested in my skills or projects, you can visit my GitHub, or follow my personal WeChat official account: “小东方不败” (stop scolding me, stop scolding me).
About the shows I love
- Spielberg, Band of Brothers (2001)
- My Brilliant Friend (looking forward to Season 4 in 2024)
- This Is Us
Introducing myself
Hey, I am Hilda (a.k.a. 希尔达), an incoming network security master’s student who “not only cannot repair computers, but can still play games”, admitted to Southeast University in 2024 (overall examination score rank among professional master’s candidates: 6/174).
When I was an undergraduate at Nanjing University of Information Science and Technology (GPA: 3.72, weighted average score of required courses: 87, rank in undergraduate major: 3/69), I studied fairly well. I am not only familiar with computer networks, data structures and algorithms, but also know various web vulnerabilities such as SQL injection, XSS, CSRF, etc. inside out. Also, I have a long list of skills, xxxxxx, which is “almost” a one-stop shop!
When it comes to project experience, I was involved in developing a “[security situational awareness system](https://github.com/kirsten-1/situationAwareness)”, which is just an intuitive interface that lets you see network activity and security incidents. With this system, you can easily defend against all kinds of attacks, and I can sit in the cloud and keep watch (over my locally built practice range; okay, big guys, don’t laugh). The other projects are almost all Java-focused.
Work experience? Yes, I briefly worked as a penetration testing engineer for the security department of the Yangzhou Tax Bureau of the State Administration of Taxation. In that short month, I not only completed a series of penetration tests and vulnerability scans, but also optimized the emergency response process. Speaking of this, I suddenly get a bit of that “one day of national network defense, a lifetime of national network defense” feeling (???).
Credentials/Skills
CET4 (615 points), CET6 (534 points), CISP-PTE (National Certified Information Security Penetration Testing Engineer)
Security
- Familiar with common web vulnerabilities such as SQL injection, file upload, XSS, CSRF, file inclusion, SSRF, XXE, RCE, deserialization vulnerabilities, unauthorized access, logic vulnerabilities, CAPTCHA bypass, etc.
- Familiar with Metasploit+Cobalt Strike, AWVS, AppScan, Nessus, Burpsuite, sqlmap, Godzilla, binwalk, foremost and other tools
- Familiar with reproducing vulnerabilities in middleware and some mainstream frameworks and understanding their principles; in the habit of reproducing vulnerabilities, reading source code and promptly collecting fingerprints; understand bypass techniques.
- Familiar with computer networks and other basic computer knowledge; interested in CTF-MISC; familiar with cryptography, steganography, file separation and merging, and traffic analysis; able to write Python scripts to crack steganography.
Other
- Familiar with HTML, CSS, JavaScript, VUE, Ajax, Node, Java SE, Java EE, Git, MySQL, PHP, Python, Maven, Spring, Spring Boot, Redis, RabbitMQ, Dubbo, etc.; familiar with multi-threading and high concurrency; skilled in using Git and GitHub for team collaboration development
- Familiar with MongoDB, Oracle, Redis, Kotlin, JVM and Java design patterns; love to practice algorithms on LeetCode
- Understand Linux system security; devoted to contributing to open source communities such as GitHub and Stack Overflow; have a strong interest in attack and defense security technology; have an innovative spirit and a good learning attitude; love to read technical books and framework source code; diligent in writing blog posts as self-summaries; able to actively learn the latest technology.
Hobbies
- Aside from technology, I’m also a big fan of political and military news, especially about big events like the war between Russia and Ukraine.
- Hiking
GitHub
If you are interested in my skills or projects, you can go to my [GitHub address](https://github.com/kirsten-1), or follow my personal WeChat official account: “小东方不败” (don’t scold me, don’t scold me).
About my favorite shows
- Steven Spielberg, Band of Brothers (2001)
- My Brilliant Friend (looking forward to Season 4 in 2024)
- This Is Us