Petko D. Petkov

Current

• Information Security Consultant at Corsaire
• Information Security Consultant, Founder at GNUCITIZEN

Past

• Information Security Consultant at NTA Monitor
• Freelance Computer Security Consultant (Self-employed)
• Network Administrator at Richmond The American International University in London

see less...

Education

• Richmond, The American International University in London
• High School of Natural Science

Recommended

5 people have recommended Petko

Connections

261 connections

Industry

Computer & Network Security

Websites

• Portfolio
• GNUCITIZEN
• Hakiri

Petko D. Petkov’s Summary

Petko D. Petkov, a.k.a pdp, is founder and leading member of the GNUCITIZEN Information Security Think Tank, a leading organization in the sphere of offensive and defensive information security research. PDP is a recognized information security researcher, penetration tester, frequent speaker at industry recognized events, and published author who has contributed to several best-selling books, numerous popular blogs and online magazines.

My recent work evolves around researching, breaking and testing Web, Web2.0 and Client-side Technologies.

Noteworthy Vulnerability Discoveries:
• Command Fixation Attacks in CITRIX
• Command Fixation Attacks in Microsoft RDP
• Command Execution in Adobe PDF
• E-mail Hijack in Google GMail
• Identity Theft in Second Life
• Command Execution in Apple QuickTime
• Command Execution in Mozilla Firefox (QuickTime)
• JAR manipulation attacks in Mozilla Firefox
• JAR manipulation attacks in SUN Java JVM
• Chrome Execution in Firefox (Firebug)
• Local Zone Execution in Skype via WiFi
• Critical vulnerability in QuickTime affecting Windows Vista and XP
• Design Bug in the DHCP Protocol
• Design Bug in Flash leading to Remote UPnP Attacks

Noteworthy Papers:
• For my next trick... Client-side Security
• For my next trick... Hacking Web2.0
• Exegesis of Virtual Hosts Hacking

Published Books:
• Google Hacking for Penetration Testers Second Edition
• Cross Site Scripting Attacks: XSS Exploits and Defense

Initiatives:
• GNUCITIZEN - Information Security Think Tank
• Hakiri - Hacker Lifestyle Community Blog
• Spin Hunters - Reputation Security Organization
• House of Hackers - Social Network
• Blogsecurify - On-line Social Media Security Testing Engine
• Websecurify - On-line Web Security Testing Engine
• Netsecurify - On-line Network Security Testing Engine

Speaking Engagements:
• Black Hat
• OWASP
• Hack in The Box (HITB)
• CONFidence
• others

gnucitizen.com | gnucitizen.org | gnucitizen.net

Petko D. Petkov’s Specialties:

Idea Development, Brainstorming, Creative Thinking, Information Security Research, Vulnerability Research, Penetration Testing, Tactical Exploitation, Information Gathering, Web Application Security, Radio Security, Exploit Development, Client-side Security, Server-side Security, Social Engineering, Reverse Engineering, Training, Cool-hunting, Programming (Python, Java, C, PHP, JavaScript, Perl, Ruby), etc...

Petko D. Petkov’s Experience

• Information Security Consultant

  Corsaire

  (Computer & Network Security industry)

  2008 — Present (1 year)

• Information Security Consultant, Founder

  GNUCITIZEN

  (Computer & Network Security industry)

  September 2006 — Present (2 years 11 months)

  GNUCITIZEN is a leading information security think tank, delivering solutions to local, national and international clients. Based in London, the organization builds its reputation by providing a unique set of services and maintaining a high level of ethical standards in the assessment and the prevention of the latest security risks and vulnerabilities.
  
  GNUCITIZEN exists to advance public understanding of offensive and defensive information security, to educate and share information with its members and the public on best practices, tools and techniques for such coverage and to represent the interests of its members.
  
  Our mission is to act as a focus for research on a wide range of defensive and offensive information security technologies. We do this by performing tailor-made tiger team and stand-alone assessments and penetration tests. We also conduct our own research, commission research from outside, organize and participate in working groups, conferences and seminars.

• Information Security Consultant

  NTA Monitor

  (Privately Held; 11-50 employees; Computer & Network Security industry)

  May 2005 — September 2008 (3 years 5 months)

  Founded in 1997, NTA Monitor has over 10 years' experience in providing a range of IT security testing, auditing and consultancy services to more than 500 government and corporate clients.
  
  I was leading/senior penetration tester, information security consultant for NTA Monitor. I was the service owner of the Web Application, WiFi, VoIP and most Non-standard services at NTA.

• Freelance Computer Security Consultant

  Self-employed

  (Self-Employed; Computer & Network Security industry)

  June 2003 — May 2005 (2 years)

• Network Administrator

  Richmond The American International University in London

  (Computer & Network Security industry)

  September 2002 — February 2005 (2 years 6 months)

Petko D. Petkov’s Education

• Richmond, The American International University in London

  BSc , Computer Engineering , 2002 — 2005

• High School of Natural Science

  A , Physics, Mathematics, Sociology, English, Deutsch , 1998 — 2002

Additional Information

Petko D. Petkov’s Websites:

• Portfolio
• GNUCITIZEN
• Hakiri

Petko D. Petkov’s Interests:

Idea Development, Brainstorming, Creative Thinking, Art, Design, Electronic Music, etc...

Petko D. Petkov’s Contact Settings

Interested In:

• career opportunities
• consulting offers
• new ventures
• job inquiries
• expertise requests
• business deals
• reference requests
• getting back in touch