Harshad Pawar, Penetration Tester
Specializing in offensive security and ethical exploitation. I break into your systems so the bad guys can't. Let's make your infrastructure bulletproof.
Focused on Infrastructure Security and Application Security, I bridge the gap between development and defense. My mission is to provide expert Cybersecurity Consulting, offering manual penetration testing and automated vulnerability scanning to harden your DevSecOps pipeline and safeguard sensitive customer data.


* Conduct comprehensive VAPT across mobile (iOS & Android), web applications, APIs, and internal systems using Burp Suite, MobSF, Nmap, and custom scripts.
* Performed source code reviews for Java, .NET, Node.js, and Python applications using Fortify, SonarQube, and manual secure coding analysis.
* Identified and triaged 50+ critical vulnerabilities across 12 enterprise applications, reducing the overall attack surface by 40%.
* Executed mobile application security testing, including static/dynamic analysis, reverse engineering, Frida-based runtime manipulation, and MASVS compliance checks.
* Led RBI Cybersecurity Audit compliance for a major Fintech client, ensuring 100% adherence to regulatory standards and closing 85+ high-risk findings within tight deadlines.
* Collaborated with developers to achieve a 90% remediation rate of critical vulnerabilities within a 30-day window.
* Conduct comprehensive vulnerability assessments and penetration tests on networks and web applications using tools such as Nessus, Nmap, and Burp Suite.
* Identify and exploit vulnerabilities in internal and external systems, providing detailed reports on findings, including risk ratings and remediation strategies.
* Partnered with DevOps teams to integrate security checks into the CI/CD pipeline, reducing post-deployment vulnerabilities by 30%.
* Performed vulnerability assessments and penetration testing for various clients, identifying critical security vulnerabilities in network infrastructure and web applications.
* Utilized tools like Metasploit, Wireshark, and Nmap to conduct penetration tests and gather data on potential exploits.
* Delivered detailed reports and presentations to clients, outlining the findings, potential business impacts, and prioritized remediation steps.

Developed an innovative artificial intelligence system designed to enhance daily productivity and user interaction through seamless voice commands. This versatile AI integrates advanced Natural Language Processing (NLP) to accurately interpret and execute tasks including communication management, application control, and automated system commands. This project demonstrates my expertise in Software Development and system integration, reflecting a deep focus on creating intuitive, efficient, and secure human-computer interactions.

Protectium is an advanced web-based Multi-Factor Authentication (MFA) system designed to neutralize credential-based attacks. By implementing three-factor verification, Protectium significantly reduces the risk of unauthorized access, securing sensitive online interactions. Recent deployments have demonstrated a 40% improvement in security metrics and a 15% boost in user engagement through seamless, secure account management. This project highlights my expertise in Identity and Access Management (IAM) and secure system architecture.

AegisScan: AI-Assisted VAPT Framework

AegisScan is a cutting-edge, open-source security platform that augments traditional penetration testing with Artificial Intelligence. By integrating an AI Reasoning Layer, AegisScan doesn't just find vulnerabilities—it interprets them, filters out false positives, and generates actionable remediation paths. It bridges the gap between raw scan data and executive-level security intelligence.