I enjoy thinking like a hacker and, later, finding ways to fix what I could break while thinking like a hacker!
Web Application Penetration Testing, Manual Source Code Reviews and Threat Modeling are three of my top skills.
I enjoy giving back to the security community through open-source contributions. You can find my work
on Github. If my work
interests you, feel free to connect with me on
Linkedin.
I am currently an offensive security engineer at Praetorian based in the United States of America.
Praetorian (Austin, TX)
September 2024 - PresentResponsible for product, cloud and internal penetration testing engagements.
Northeastern University (Boston, MA)
January 2024 - April 2024Mentored junior Teaching Assistants, conducted lab sessions, graded assignments and assisted graduate students during the spring 2024 semester for the Computer Systems Security (CY 5130) course at the Khoury College of Computer Sciences, Northeastern University.
Entegris Inc. (Billerica, MA)
June 2023 - December 2023Responsible for resolving security incidents and proactively staying updated on the latest attacker tactics, techniques and procedures. Created specialized Standard Operating Procedures (SOPs) to enhance the organization's response processes to real-world scenarios.
Oracle Corporation (Bengaluru, India)
June 2019 - July 2022
Publicis.Sapient (Bengaluru, India)
Feb 2019 - May 2019Bookstore Management Application: Worked on the user interface for a multipage Bookstore Management application and carried out Static Application Security Testing to identify and resolve potential security flaws in the source code.
Khoury College of Computer Sciences, Northeastern University (Boston, MA)
2024B.M.S College of Engineering (Bengaluru, India)
2019Executed thorough passive reconnaissance on a top tier gaming peripheral
company and analyzed potential attack surfaces that could be used by an attacker.
Tools used: Spiderfoot, Shodan, Wappalyzer, TheHarvester, dnsdumpster
Gained foothold on given vulnerable machine using known exploits and escalated to root user privileges. Tools used: Metasploit, Nmap, BurpSuite
Studied and presented a case study of a data breach at a social media company that occurred in early 2019. Analyzed a different approach to the post breach scenarios.
Programmed a cryptographic system using Bash with which users can digitally sign, encrypt and share files among multiple users.
Setup a virtual machine to act as a firewall, DNS resolver and router for a host machine to be able to communicate with the internet
More on the way..!
C/C++, Python, Go, Java, Bash, Javascript, Powershell
Spring MVC, Hibernate ORM, RESTful APIs, Postman
Windows Active Directory Attacks, Linux and Windows Privilege Escalation, Tunneling, Pivoting
Antivirus Evasion, Client Side Attacks, Reverse Engineering
Microsoft E5, Secureworks Taegis XDR, TrendMicro Vision One, Tenable, MISP
HTML5, Bootstrap, react
BurpSuite, Wireshark, Metasploit, Nmap, Shodan, pfSense, OpenSSL
Docker, Kubernetes, Jira, Confluence, Git
Offensive Security Certified Professional (OSCP) [July 2024]
INE Security Junior Penetration Tester [May 2023]
HackTheBox Academy Pentester Path
Practical Ethical Hacker
Cryptography and Network Security, Cyber Incident Response and Digital Forensics, Threat Modeling, Penetration Testing Essential Learning
AWS Certified Developer training