Kartik Durg

Co-Founder

Hubli, Karnataka, India · 7 yrs 11 mos experience
Most Likely To Switch · Highly Stable

Key Highlights

  • Founder of VioletHat, driving blue team content development.
  • Led Operation Salwaar Kameez, enhancing defensive strategies.
  • Achieved 98% visibility during MITRE Engenuity 2022.
Stackforce AI infers this person is a Cybersecurity Specialist with a focus on offensive and defensive strategies.

Skills

Core Skills

Defensive Content Development · Blue Team Operations · Offensive Security Research · Threat Actor Analysis · Penetration Testing · Information Security

Other Skills

Reverse Engineering · Malware Analysis · SQL Anomaly Detection · Windows Forensics · Blue Team Challenges · Threat Emulation · TTP Analysis · Process Injection · Automated Testing · Windows Internals · Web Application Security · Industrial Control Systems · Endpoint Security · Shellcode Development · Threat Hunting

About

if (!HOBBIES) {

Computers have interested me since my childhood. The trojans, worms and rootkits that I first clicked unknowingly sparked an interest in me to learn more about threat actors, and since then cyber security has always been my passion. During my work experience, my interest was narrowed down to adversary emulation, and nowadays I am studying the tactics, techniques, and procedures (TTPs) of various threat actors and developing content for a gamified learning experience for the blue team community. My long-term career objective is to continue contributing to the development of blue team content and enhancing the gamified learning experience.

} else {

I love solo traveling, playing football, guitar, PC games, and watching my favorite football team play [Arsenal FC].

}

Experience

  • Total Experience: 7 yrs 11 mos
  • Average Tenure: 1 yr 11 mos
  • Current Experience: 2 yrs 1 mo

VioletHat

Founder

Apr 2024 - Present · 2 yrs 1 mo · Goa, India

Hack The Box

Defensive Content Engineer

Apr 2023 - Jan 2026 · 2 yrs 9 mos · United Kingdom · Remote

  • Authored and led end-to-end blue team campaign called Operation Salwaar Kameez, developing defensive content on reverse engineering Node.js malware, Windows downgrade attacks, firmware forensics, and SQL anomaly detection, strengthening Hack The Box’s platform value and driving increased player engagement.
  • Developed numerous blue team challenges focused on real-world defense, helping both community and enterprise users sharpen their cybersecurity skills and strengthening Hack The Box’s platform.
  • Designed and authored multiple advanced defensive “Sherlock” investigations simulating real-world attacker tradecraft across Windows endpoints (Win32 APIs), AI attack simulation and ransomware scenarios.
  • Emulated techniques used by Sliver C2, Mustang Panda, and Uroburos, including malicious archive delivery, virtual disk payload concealment, and CVE-2023-49103 exploitation, mapped to MITRE ATT&CK.
Reverse Engineering · Malware Analysis · SQL Anomaly Detection · Windows Forensics · Blue Team Challenges · Defensive Content Development

Trellix

Offensive Security Research

Feb 2020 - Mar 2023 · 3 yrs 1 mo · Bangalore Urban, Karnataka, India · Remote

  • Helped achieve 98% visibility during MITRE Engenuity 2022 by emulating a wide range of attacker techniques during internal purple team exercises.
  • Studied threat actors such as APT29, FIN7, Carbanak, Wizard Spider and Sandworm to identify and abstract related Tactics, Techniques, and Procedures (TTPs) and developed automated test cases of such TTPs to test against content and products.
  • Studied different process injection techniques and developed automated test cases of such techniques in Caldera.
  • Created custom Mimikatz binaries to bypass detections by endpoint security solutions.
  • Developed a C/C++ binary to emulate the “Data Encryption for Impact” technique, like that of the Ryuk and NotPetya ransomware.
  • Studied Windows internals and developed a new tool to bypass endpoint security solutions.
Threat Emulation · TTP Analysis · Process Injection · Automated Testing · Windows Internals · Offensive Security Research

Schneider Electric

Penetration Tester

Aug 2019 - Feb 2020 · 6 mos · Greater Bengaluru Area

  • Web application and thick client Penetration testing.
  • Penetration testing of Industrial Control Systems.
  • Contributed to the open source community by developing a vulnerable thick client.
Penetration Testing · Web Application Security · Industrial Control Systems

Intel Corporation

Information Security Specialist

Apr 2017 - Jul 2019 · 2 yrs 3 mos · Bengaluru, Karnataka, India

  • Reported a bypass technique for an endpoint and response solution during its control validation.
  • Conducted internal penetration testing on a web application and reported bugs with high, medium and low severity.
  • Developed customized shellcode using assembly-level language (32-bit) and also a Python script that generates shellcode for a specified attacker IP and port.
  • Detected malicious activities on endpoints by studying TTPs in the MITRE ATT&CK framework.
  • Developed correlation rules in Splunk and exercised internal threat hunting using Splunk by collecting logs from EDR solutions, firewall and IPS/IDS.
Endpoint Security · Shellcode Development · Threat Hunting · Splunk · Information Security

Information Sharing and Analysis Center

Intern - Security Research

Mar 2017 - Apr 2017 · 1 mo · Remote

  • Reported a remote code execution vulnerability in a CMS-based web application.
  • Studied and developed exploits such as buffer overflows and SEH overflows for applications as part of a learning exercise.
Vulnerability Reporting · Exploit Development

Education

Jain College Of Engineering, Belagavi

Bachelor's degree — Computer Science

Aug 2012 - Aug 2016
