PENETRATION TESTER
OFFENSIVE SECURITY // VULNERABILITY RESEARCH
"Tools are transient. Methodology is eternal."
>> BLOG
This blog isn't about shortcuts; it's about clarity. I document my own encounters with complex security challenges—technical roadblocks, certification hurdles, and obscure exploits—to provide the guidance I wish I had. The goal is to help you analyze the roadblock and offer a solid starting point so you can solve the problem yourself.
>> SYSTEM_LOGS: EXP_HISTORY
ROLE: SENIOR SECURITY CONSULTANT
- > Operating as a key security vendor for one of India's largest NBFC (Non Banking Financial Company).
- > Performing comprehensive Web, Mobile, API, and Network security assessments.
ROLE: ANALYST ETHICAL HACKING
- > Performed VAPT testing on various domains including SaaS, IoT, Healthcare, and Hospitality.
- > Conducted security assessments facilitating the organization's CERT-IN empanelment objectives.
- > Executed Black box, Grey box, and White box assessments for external and internal infrastructure.
- > Conducted VAPT assessments, outlining critical findings and collaborative remediation strategies.
- > Orchestrated team communication and intern supervision to align security posture.
ROLE: ASSOCIATE SECURITY CONSULTANT
- > Executed VAPT assessments for web applications and diverse client projects.
- > Led 6-week intensive training bootcamp for junior operatives (Networking, Bash, Web Security).
- > Engineered HACK-X NODE (SaaS Product) architecture and security design.
>> TROPHY_CASE
Identified Business Logic Flaw leading to Privilege Escalation.
Acknowledged for securing sensitive mental health data infrastructure.
[OPEN_LINK]>> EXPERTISE_MODULES
WEB
Industry standard & business logic flaw testing.
MOBILE (ANDROID/iOS)
Dynamic analysis & application reverse engineering.
NETWORK
Vulnerability assessments & infrastructure penetration testing.
API SECURITY
Endpoint protection & secure integration testing.