I was fascinated by CS since my childhood. Back in 2015-16, I started developing a MMO RPG which worked on PHP/MYSQL, which was my start in developing web applications, and back in 2018, I made by first step into cybersec, i loved finding flaws in web apps and reporting them, (I Still love making the internet secure).

Back in 2018 (June), I joined Amrita University for my undergraduation in Computer Science and is still pursuing my studies there.

I will be sharing my cybersec & CS experiences through this blog.

Area Of Interest: Application Security, Adversary Emulation.
My Achievements

• Google Hall Of Fame [Page 2] - Listed In Google Security Hall Of Fame's Page 2 for reporting several security flaws in Core Google Products.
• Google's TOP VRP Researcher For 2018 and 2019 - Google's One of the top researchers for the year 2018 and 19 consiquently.
• Received CVE-2018-9452 from Android for finding a security vulnerability which affected millions of android devices.
• Received CVE-2021-21371 for Arbitrary Code Execution from Tenable.
• Received CVE-2022-0764 for finding a vulnerability in strapi CMS.
• Received CVE-2022-0936 for finding a stored XSS on Autolab
• Facebook HoF - Listed In Facebook Hall Of Fame 2018 for finding a vulnerability in Facebook platform
• Apple HoF - Acknowledged By Apple In 2018 for finding a security vulnerability within the apple web services
• Microsoft HoF - Acknowledged By Microsoft for finding several security vulnerabilites in Microsoft.
• Redhat Hall Of Fame - For finding a security vulnerability in redhat
• Acknowledged by 40+ other companies such as Flipkart, Zoho, Currencycloud,Issu,Ecare.nl,Sidn.nl,Vocus Communications (New Zealand), US Defense, Intel, Avira, Royal Bank Of Scotland, Alienvault, De Nedersland Bank, Smokescreen, Ardoq, iWelcome, Crowdin, Zoho, SAPLabs.
• Invited By Google Security Team To Attend BountyCon - Attended BountyCon in Singapore, i was exclusively invited & fully sponsored by Google & Facebook back in Singapore [March 2019]
• Acknowledged By Zoho for finding security vulnerabilities in their platform - 2019
• Recieved Scholarship from @Crowdfense for attending Nullcon & Training on "Secure Boot Exploitation".
• Recieved Scholarship from EC-Council for CEH Practical+

Certifications

• Certified Red Team Professional (CRTP) - From PentesterAcademy
• CEH Practical - From EC-Council
• GFACT (GIAC) from SANS Institute
• Burp Suite Certified Practicioner (BSCP) (Issued by PortSwigger) - One of the first 30 to clear the BSCP examination
• INE Certified Cloud Associate (ICCA) - Issued by INE

Presentations & Talks

• Presented A Talk On "Domain Takeover" @ Defcon 0471 's 2nd MEETUP - BHUB TRIVANDRUM
• Speaker/Panel Member - Panel Discussion [Breaking Tech Giants] on CODESEC 2019 by KERALA POLICE
• Speaker/Panel Member - Panel Discussion [CTFs To Secure Career] - C0c0n 2020

Work Experiences / Community Interactions

• CTF Master & Volunteer @ DEFCON 29/30 Adversary Village
• Challenge Author @ InCTF International
• Associate @ DEFCON LOCAL GROUP 0471
• Served as Server Administrator/Developer for a famous Online MMORPG From 2016 - Present
• Serving as a Associate Volunteer for Kerala Police Cyberdome from 2018 to Present

Trainings & Workshops Attended

• Nullcon 2022 Training [Beyond Web Application Hackers Handbook] By Marcus Pinto
• Nullcon 2020 Training [Secure Boot Exploitation] By Niek Trimmers & Cristfaro.
• Active Directory Security Bootcamp [Red Teaming] By Nikhil Mittal
• Docker & Kubernetes Course By KodeCloud (Instructor: Mumsheed)
• Introduction To Azure AD Pentesting [Azure AD Pentesting] By Nikhil Mittal

Opensource Contributions

• Contributed to various OSS program's by ethically reporting security vulnerabilities in them, and also for patching.
• Contributed several TTP(s) to Prelude Operator (Tool for Adversary Simulation)