About Me
I’m a Lead Security Engineer at CRED, working closely around Web, Mobile, and Cloud Security. I specialize in identifying vulnerabilities in distributed systems and building scalable secure SDLC pipelines.
I'm an active bug bounty hunter on platforms like HackerOne, Synack Red Team, and YesWeHack, with over 150+ high and critical vulnerabilities reported to organizations including Google, Amazon, Atlassian, and Meta.
I’ve been part of HackerOne’s exclusive live hacking event h1-2103, where selected researchers targeted Amazon’s infrastructure. Currently, I’m the top-ranked hacker in India’s bug bounty program on HackerOne.
I’m also a competitive CTF player — winning events like H1-100k CTF, Hacky Holidays, H1-2006 CTF, BugPOC CTFs, and more.
I build security tools like DVBA, Vuldroid, Patronus, and LLM-based vulnerability analyzers, combining offensive insights with automation.
I’ve delivered talks at Black Hat (Asia & Europe), BSides, and ThreatCon, and regularly organize HackerOne Bug Bounty Talks to mentor and grow the hacking community.
I also publish blogs covering bug bounty techniques, CTF writeups, cloud and AI security.
I work with startups and enterprises to perform end-to-end security assessments on web, mobile, and cloud environments.
📧 If you're looking for a good set of security assessment, feel free to reach out: Email.