ABOUT ME

INFORMATION SECURITY

CARUS

MANU

Manu Carus (CISSP, CCSPCISM, CISAOSCPCEHECSACHFI, Windows Exploit Developer) is the leading  Information Security Manager at ManufakturIT GmbH. As Official (ISC)² Training Instructor, Manu Carus qualifies Security Professionals (CISSP), Cloud Professionals (CCSP), Auditors (CISA) and Manager (CISM). Manu Carus publishes articles and speaks on conferences and corporate functions.

XING: 

CISM, CISA 

CISSP, CCSP

CSA, CEH, CHFI

OSCP

Exploit Developer

Security Manager and Auditor

Information Security Professional

Consultant

Pentester

Exploit Developer

ISACA

(ISC)²

EC Council

Offensive Security

Corelan

PUBLICATIONS

Professional Book

Info Security Professional Magazine

iX Magazine

Professional Book

Audio Book

January/February 2016, P. 20ff

This article has been awarded 2017 internationally in the  category "Technical Article" with  "Gold".

 

Issue iX 2/2016 P. 122ff 

ISBN 978-3-939084-22-8

ISBN 978-3-000237-38-6

ISBN 978-3-738620-09-2

Security Initiative

Foundation of the Security - Initiative
"Ethical Hacking - die Netz Security"

Interviews

WDR3 Resonanzen - A talk with Manu Carus

Ethical Hacking oder: Das Internet braucht eine Revolution!

Know-how

Operating Systems

Cisco

Compilers

Databases

Database Languages

Debugging

 

Disassembling

 

Exploiting

 

Fuzzing

 

Hacking

 

 

Honeypots

 

Cryptography

 

Malware

 

 

Patterns & Practice

 

Programming Languages

Protocols

 


Standards

 

Vulnerability Assessments

 

 

Web Programming

Web Servers and Application Servers

XML

 

Linux, Unix, WIndows, Cisco IOS

Switch, Router, Firewall

ANTLR, Domain-specific Languages (DSL)

Oracle, SQL Server, MySQL, MariaDB, Mongo DB, PostgreSQL, NoSQL

PL/SQL, T-SQL, SQL

Immunity Debugger, OllyDbg, PyDbg, PyEmu, WinDbg

IDAPro

Stack based Overflows, SEH based Overflows, Metasploit Modules, Debugging, Egg Hunting, Unicode Exploits, Shellcoding, Bypassing DEP / ASLR, ROP Chains, Heap Spraying, Use after Free

Self-Implemented Toolsets

 

Penetration Tests, Reconnaissance, Scanning, Sniffing, Exploiting, Anonymisierung,
Kali Linux, Metasploit, Social Engineering, AV Evasion, File Transfer, Password Cracking, WiFi-Hacking, Client-Side Attacks, XSS, SQLi, LFI, RFI, Mimikatz, Port Forwarding, Deep Packet Inspection

Dionaea, Glastopf, Kippo

SSH, TLS/SSL, PGP, S/MIME, IPSec, Authenticode, Code Signing, Steganography

Reversing, Sandboxing, Packer, Signaturen, Shellcodes (i386), Deobfuscation, Rootkits, Code Injection, Code Extraction

Enterprise Security Architecture, COBIT, ITIL

C#, Java, C/C++, Python, Perl, Ruby, PHP, VB.NET, VB, VBA

DNS, FTP, HTTP, HTTPS, IMAP, Kerberos, LDAP, HTTP, NetBIOS, NFS, NNTP, POP3, RDP, RMI, RPC, RTSP, Samba, SMB, SMTP, SNMP, SSH,  TCP/IP, Telnet, VNC, WebDAV

ISO 27001: Information Security Management Systeme (ISMS)

ISO 27002: Controls for Information Security

ISO 27005: Information Security Risk Management

PCI/DSS: Information Security for Credit Card Data

Qualys, NeXpose, Nessus, AppScan, OpenVAS, Burp Suite, Acunetix, nmap, Nikto

Automation of Scans and Reporting of Scan Results

ASP.NET, PHP, Java, JSON, REST, SOAP

Apache, Nginx, Tomcat, IIS, JBOSS, TIBCO

XML, XSLT, XPath, XML Schema, XSQL, SQLXML, WSDL

Information Security

Gemarkenweg 1

51467 Bergisch Gladbach

GPG: 45E1715630AEA748