Disclaimer: This information was obtained from publicly available sources online and is believed to be accurate at the time of publication. Valimates collects this information with proprietary technology and cannot guarantee the accuracy or completeness of the data. The purpose of the data is to inform the reader about the expertise of the individual and should not be used for any other purpose. Valimates does not have any affiliation with the individual.
Daniel Min is an impressive individual with a strong background in security research and penetration testing. With 2964 LinkedIn connections, Daniel has established a strong network within the industry. As a Technical Manager at a Breach Simulation and Attack & Penetration consulting service, Daniel focuses on advanced network penetration testing, web application assessment, scenario-based adversary simulations, social engineering, and vulnerability assessment. Daniel's expertise also extends to security research, tool automation, exploit development, and evasive techniques, showcasing a passion for staying at the forefront of the field.
Currently serving as the Lead Security Engineer in Offensive & Product Security Engineering at Unqork, Daniel's role includes performing threat modeling, security architecture reviews, and manual penetration testing. They are responsible for validating vulnerabilities and enhancing the application security process. Daniel has also held positions at HackerOne, Optiv, Protiviti, and Grant Thornton LLP, where they led various security initiatives such as Adversary Simulations, Red Team engagements, and network penetration testing assessments. With a Master of Science degree in IT Auditing and Cyber Security, along with a Bachelor's Degree in Management Information System, Daniel possesses a strong educational foundation that complements their extensive professional experience.
More about this expert
- Full name
- Daniel Min
- Location
- United States
- Title
- Lead Security Engineer - Offensive & Product Security Engineering
- Company
- Unqork (since 2023)
- Industry
- Software Development
- LinkedIn profile
- https://www.linkedin.com/in/danielsmin/
- LinkedIn Connections
- 2964
- Summary
- Advisory: - CVE-2020-15931 - CVE-2021-28428 Github: https://github.com/bigb0sss Blog: https://medium.com/@bigb0ss HackTheBox: https://app.hackthebox.eu/profile/25627 (Elite Hacker) Daniel is a Technical Manager employed at a Breach Simulation and Attack & Penetration consulting service based out of Denver with a concentration on advanced network penetration testing, web application assessment, scenario based adversary simulations, social engineering, and vulnerability assessment. Daniel is a quick learner and has a strong passion in security research, tool automation, exploit developments and evasive techniques.
- Skills
- Leadership Microsoft Office
Education
- Fox School of Business at Temple University
-
Master of Science
Attended in 2016 - 2017
Field of study: IT Auditing and Cyber Security - Fox School of Business at Temple University
-
Bachelor’s Degree
Attended in 2013 - 2015
Field of study: Management Information System(MIS)
Positions
-
Unqork
Remote
-
Lead Security Engineer - Offensive & Product Security Engineering
Feb 2023 - Present
-
Unqork
Remote
-
Lead Security Engineer - Application & Product Security
Dec 2021 - Feb 2023
• Performs Threat Modeling and Security Architecture Reviews on Unqork's No-Code platform.
• Performs manual penetration testing and configuration reviews on customer applications created by the Unqork platform.
• Responsible for validating vulnerabilities identified by SAST scanners and creating Proof-of-Concept exploits for the vulnerability exploits.
• Responsible for enhancing the application security process and security tool automations including JWT attack frameworks and Denial of Service (DoS) security testing automation.
• Responsible for reviewing the third-party security assessment results and providing recommendations and remediation steps to the internal platform engineering team.
- HackerOne
-
Security Researcher
Feb 2021 - Present
https://hackerone.com/spicyb0ss
-
Optiv
Remote
-
Technical Manager / Red Team Lead - Threat Management (Attack & Pen)
Jun 2021 - Dec 2021
• Led and performed Adversary Simulations or Red Team engagements using a black-box approach.
• Provided thought-leadership and technical-guidance to Optiv's Attack & Penetration testing team.
• Performed web application security assessments against enterprise and custom applications to target specific functions such as authentication, authorization, session management and input validation.
• Performed threat modeling or penetration testing against cloud infrastructures.
• Debriefed clients on findings and creates detailed testing reports with recommendations for remediation.
-
Optiv
Remote
-
Principal Security Consultant - Threat Management (Attack & Pen)
Jan 2021 - Jun 2021
-
Optiv
Remote
-
Senior Security Consultant - Threat Management (Attack & Pen)
Jul 2019 - Jan 2021
-
Protiviti
Greater Philadelphia Area
-
Senior Security Consultant - Penetration Testing and Red Team Operations
Oct 2018 - Jul 2019
• Performed and led multiple network penetration testing assessments leveraging various approaches including black-box or red team techniques. Other various testing methodologies have been executed to fulfill regulatory requirements such as PCI DSS.
• Performed web application security assessments against enterprise and custom applications.
• Performed wireless assessments to identify potential rogue access points and wireless misconfigurations.
• Published weekly blog posts regarding offensive security techniques and tools
for the Protiviti Security Lab.
-
Grant Thornton LLP
Greater Philadelphia Area
-
Penetration Tester - Cyber Defense Solution
Sep 2017 - Oct 2018
• Performed and led multiple internal and external network penetration tests,
web application security assessments, social engineering, vulnerability
assessments and wireless audits assessments.
• Managed and was responsible for a Virtual Pentesting Lab environment as a
Microsoft Azure administrator.