User:Munir Njiru



About Me:

I am a Cyber Security Consultant and researcher. I mainly focus on malware analysis, web and mobile based applications testing and methodologies. I am a member of the Africahackon team which is East Africa’s premier technical computer security collective that brings together the individual talents of the best and brightest security professionals in the region, through live presentations, engaging discussions and hands on demonstrations.

I am also a project leader for the OWASP Project dubbed "OWASP Mth3l3m3nt Framework" (https://owasp.org/index.php/OWASP_Mth3l3m3nt_Framework_Project) which is an exploitation framework that aids in a number of activities and uses minimal resources as all it needs is a webserver which can even be run from an android phone without a problem and optionally a database server. It currently comes with the ability to manage web shells and command remote hosts from a central location over HTTP (HTTP Bot), create custom LFI exploits in as little as 6 lines of code, do custom requests , Generate Web shells and store information on payloads and notes in different DB types if needed, currently it supports (JIG,SQLite,MySQL,MongoDB,PostgreSQL,MSSQL). The framework is envisioned to cover attacks in the OWASP top 10 framework in full while maintaining its ease of deployment and use.

Owasp Kenya is focusing on Educating the new entrants who are not market ready to create a culture of secure development as this is the biggest problem in the region in which Kenya is a technology hub. Their has been a need for information security training especially with the increase in techpreneurs within the region, this is done in collaboration with the Africahackon team to cover the spectrum of secure development and deployment in both campuses and technology hubs in the region to move people from SDLC to SSDLC.

Contact Info: munir.njiru@owasp.org