I'm a Cybersecurity Engineer specializing in Vulnerability Assessment and Penetration Testing (VAPT) with hands-on experience in exploiting OWASP Top 10, Web, API, Android misconfigurations, and business logic flaws across enterprise applications.

• 🏢 Currently working as Information Security Engineer at Harrier Information Systems PVT LTD
• 🎓 Bachelor of Engineering in Computer Science (Cyber Security) from RCOEM (CGPA: 7.6/10.0)
• 📍 Based in Nagpur, Maharashtra, India
• 🔍 Proficient in discovering vulnerabilities related to authentication, authorization, injection flaws, business logic bypasses, server misconfigurations, and API-specific issues
• 🐍 Experienced in automating test cases and exploit development using Python, Bash, and JavaScript
• 🎯 30-day notice period - Open to new opportunities

SQLi XSS SSRF RCE IDOR File Inclusion Auth Bypass XXE Command Injection API Misconfig BOLA Broken Auth CSRF Subdomain Takeover Clickjacking Session Fixation CORS Misconfig Insecure Deserialization

Technologies: PHP Laravel WordPress CodeIgniter Incident Response Backdoor Analysis

Led end-to-end incident response involving broken authentication leading to RCE exploitation chain, analyzed obfuscated PHP backdoors, removed SEO spam injections, and reinforced server entry vectors.

Technologies: Java Burp Suite Python Security Automation

Developed sophisticated Burp Suite extension for automated detection of shell access patterns and exploit chain automation during black-box assessments.

Technologies: Python Red Team Exploit Development Automation

Comprehensive suite of offensive security tools including buffer overflows, bind shells, SSH brute forcing, keyloggers, and hash cracking utilities.

Jun 2024 – Present | Notice Period: 30 days

• Performed black-box and gray-box VAPT across enterprise-grade web applications
• Discovered critical issues: SQLi, RCE, SSRF, IDOR, Broken Authentication & Access Control
• Led BNHS incident response: analyzed obfuscated PHP backdoors and RCE exploitation chains
• Delivered detailed technical reports with PoCs and remediation steps

Jun 2023 – Jun 2024

• Developed offensive security tools and PoCs in Python
• Simulated red team attacks: Kerberoasting, AS-REP Roasting, Pass-the-Hash
• Created custom Burp Suite extensions for shell access pattern detection
• Used BloodHound and CrackMapExec for internal network recon

Shri Ramdeobaba College of Engineering and Management (RCOEM) | 2024

• CGPA: 7.6 / 10.0
• Coursework: Network Security, Operating Systems, Cryptography, Ethical Hacking, Web Application Security

• 🥇 Bug Bounty Hunter - Hack The Box Academy (2025)
• 🥇 Practical Ethical Hacking – The Complete Course - TCM Security (2024)
• 🥇 Intro to Bug Bounty Hunting and Web Application Hacking - NahamSec (2025)

• 🔭 Enhancing advanced penetration testing techniques
• 🌱 Improving Python skills for security automation
• 🛠️ Developing custom security tools and frameworks
• 📚 Contributing to open-source security projects
• 🎯 Participating in bug bounty programs and CTF competitions