Hackers Use This: Satish Bommisetty

 Satish Bommisetty

Security Analyst, Author, Bug Bounty Participant 

Who are you, and what do you do?

I am Satish Bommisetty (@satishb3). I work as a security analyst for Pramati technologies, a product development company in India. As part of my job, I assess the security of web & mobile applications and train developers. I used to spent a lot of time on the mobile space, especially on iOS hacking & forensics. Now I am participating in bug bounty programs in my free time. I authored a book named Practical Mobile Forensics . I’m also a blogger and a family man.

You can connect to me on twitter and LinkedIn.

What hardware do you use?

For personal work, I use a MacBook Pro 13 inch mid 2012 model with i7 processor, 8GB RAM and 1GB graphic card. For office work I have an HP Windows 8 machine.

My mobile lab includes iPhone 5S, iPhone 4, iPhone 3GS and a Samsung galaxy tab, all are jailbroken/rooted.

I have a smart audio system to listen music while working 🙂

What does your testing network or lab look like?

I do most of the stuff on my Mac. I use VMware Fusion on it and maintain two VMs – Windows 7 and Kali Linux. When required, I build new VMs.

All my mobiles are connected to my Mac and I shell into those devices when required.

What tools and software do you use for your trade?

As my primary area of focus is application security, I use Burp Suite Pro with few plugins. I enable burp plugins only when needed to save memory. For all my testing, I use Firefox with Multifox, Proxy Selector and User Agent switcher plugins. I write Python programs when I want to automate something during the work. I use evernote.com to keep my notes.

For iOS testing, I use most of the tools listed here:

https://www.owasp.org/index.php/IOS_Application_Security_Testing_Cheat_Sheet.

What is your dream setup?

I am good with my setup now.  In near future, I will upgrade my Mac and get a powerful router.

Anything Else?

Wish you all the best and happy hacking.

Leave a Reply

Your email address will not be published. Required fields are marked *