Personal information:
Aleksandr Timorin
twitter: @atimorin
|
Education:
MS of mathematics, mathematic-mechanic department,
specialty - mathematics, applied mathematics,
specialization - system programming;
|
Conferences, public releases:
- Confidence, BalcCon, Hack.lu, 31C3 (2014): "SCADA deep iside: protocols and security mechanisms" (http://goo.gl/Fd7iUA)
- Positive Hack Days III, Moscow, “Industrial protocols for pentesters” (http://goo.gl/jn1RFI)
- Power Of Community 2013, Seoul, “Techniques of Attacking Real SCADA & ICS Systems” (http://goo.gl/AstWpX)
- Chaos Communication Congres (30C3), workshop “Hacking SCADA: ICS Penetration testing workshop” (http://goo.gl/HlXkLQ)
- ICS/SCADA toolkit: nmap scripts, python scanners, fuzzer, bruteforcers, hashes extractors (http://goo.gl/Q287q8)
- THC-Hydra module for password bruteforsing of industrial programmable logic controller (PLC) Siemens S7-300 (http://goo.gl/yEYIOp)
- Yandex bug bounty program hall of fame (http://goo.gl/yI0NWy)
|
|
Current Position:
|
Alerts | Advisories | CVE:
- [ responsible disclosure ]
- Siemens SIMATIC STEP 7 TIA Portal Vulnerabilities | https://ics-cert.us-cert.gov/advisories/ICSA-15-048-01
- Siemens SIMATIC S7-1200 Vulnerabilities | https://ics-cert.us-cert.gov/advisories/ICSA-14-079-02
- Siemens SIMATIC S7-1500 CPU Firmware Vulnerabilities | https://ics-cert.us-cert.gov/advisories/ICSA-14-073-01
- Offline Brute-Force Password Tool Targeting Siemens S7 | https://ics-cert.us-cert.gov/alerts/ICS-ALERT-13-016-02
|
Additional information:
Excellent knowledge of English.
Driving license class B.
Personal qualities: purposefulness, self-organization, team-working,
easily adaptation to new environment and requirements.
Interests: sports (basketball, football, powerlifting, snowboarding, rock climbing).
Without bad habits. Ready for relocation.
|
| Note: full curriculum vitae after email contact only |