I’m currently working as a security consultant at one of the consultancy firms based in India.
The following are the key highlights about me:
- Experienced in attacking and defending enterprise systems and networks.
- Key focus of my research is to find advanced attacks and vulnerabilities in web, mobile and network services.
- Usually spend my time doing more self-research into offensive security.
- Highly engaged and active in assessing the security of various organizations and open source projects.
Pentesting an IOT based Biometric Attendance device
https://medium.com/bugbountywriteup/pentesting-an-iot-based-biometric-attendance-device-10c0efd69392
A writeup of one of my pentest engagements where I was tasked to pentest a Biometric Attendance Device. The writeup shows how I was able to achieve root by leveraging several misconfigurations on the device.
OAuth Misconfiguration leads to Account Takeover
https://medium.com/@0xgaurang/case-study-oauth-misconfiguration-leads-to-account-takeover-d3621fe8308b
A case study which shows how I was able to achieve account takeover due to misconfigured OAuth.
Bypassing IDOR via Parameter Pollution
https://medium.com/@0xgaurang/case-study-bypassing-idor-via-parameter-pollution-78f7b3f9f59d
A case study which shows how it was possible to bypass traditional IDOR using parameter pollution.
I’m super approachable, so do not hesitate to contact me. You can reach me at my email ID: firstname.lastname@example.org or on my social media profiles. My DMs are always open.