Work & Expertise

Portfolio

A snapshot of my security work, specialisations, and certifications. Built over 3+ years of enterprise VAPT engagements.

400+
Engagements
5,000+
Assets Tested
274
Critical Vulns
10
Client Appreciations
Specialisations

What I do best

Enterprise infrastructure pentesting, PCI DSS compliance assessments, Active Directory security, and banking-grade infrastructure audits.

Internal VAPT External Pentest AD Security PCI DSS ASV CERT-IN Audits Web App Testing Docker Security DC/DR Validation
Tools & Stack

Daily toolkit

Industry-standard offensive security tools used across hundreds of real-world engagements in banking and enterprise environments.

Nmap Nessus Qualys Burp Suite Metasploit BloodHound Mimikatz Impacket Kali Linux
Certifications

Credentials

  • OSCP+ — Offensive Security (Dec 2025)
  • OSCP — Offensive Security (Dec 2025)
  • eCPPTv2 — INE Security (Apr 2024)
  • eWPTXv2 — INE Security (Feb 2024)
  • Advanced Penetration Tester — EHackify (Mar 2023)
  • Reverse Engineering — U.S. Dept. of Homeland Security
  • DNS Attacks — U.S. Dept. of Homeland Security
  • Ethical Hacking Essentials — EC-Council
Notable Engagement

PSU Banking Infrastructure Audit

Currently deployed onsite at a public sector bank — conducting a 1500+ IP internal core banking infrastructure assessment under the CERT-IN empanelled auditor framework.

Scope 1,500+ IPs
Applications 7 mission-critical
Framework CERT-IN
Environment DC & DR
Industries

Sectors tested

Work spans regulated, high-stakes industries where security failures have real consequences.

Banking & PSU Fintech Healthcare Multinational Insurance
Frameworks & Standards

Compliance experience

  • PCI DSS — ASV scanning, IVA, EPT cycles
  • CERT-IN — Empanelled auditor framework
  • OWASP Top 10
  • CVSS v3.1 scoring
  • NIST framework
  • ISO 27001 (exposure level)

Want to work together?

Open to VAPT projects, compliance audits, and advisory roles. Let's talk.

Get in touch →