About me

Hey there, I’m a Security Consultant from India currently working at a cybersecurity startup. Previously, I was part of Payatu, where I co-led the Red Team Tower and had the opportunity to manage and collaborate with a team of highly skilled cybersecurity engineers. As part of my current role, I consult with companies on a range of infrastructure-related security assessments, helping them identify and mitigate critical risks. I’m deeply passionate about solving complex cybersecurity challenges—whether they come through real-world projects, CTFs, Boot2Root Machines, or personal Homelab projects

As someone who is entrusted with the task of protecting organizations from cyber risks and vulnerabilities, I evaluate their products and infrastructure, pinpoint potential issues, and offer comprehensive remediation plans to minimize the risk of cyber-security incidents. Moreover, I maintain a platform where I share my views on different Cyber Security matters. Interested readers can explore my blog to find such articles.

P.S: If it interests you to know why I go by the alias 0xpurecha0s, read this.

What i'm doing

  • Infrastructure & Network Security

    I can help perform in-depth infrastructure and network security assessments for your organization. These assessments are designed to uncover misconfigurations, exposed services, insecure protocols, and architectural weaknesses across on-prem, cloud, and hybrid environments. I've conducted such evaluations for numerous organizations, including several in the Fortune 500, helping them strengthen their foundational security posture and mitigate real-world risks.

  • Website Pentesting

    I offer comprehensive web application penetration testing to identify and exploit vulnerabilities in websites, APIs, and associated backend components. These assessments simulate real-world attack scenarios — including injection flaws, authentication bypasses, business logic abuse, and client-side attacks — to evaluate the security of your application. I’ve tested a wide range of applications, from startups to enterprise-grade platforms.

  • Mobile Application Pentesting

    I also have some background in testing for security issues in Mobile Application (iOS/Android).

  • Cloud

    I have a very strong background in testing for security issues on cloud platforms like Azure and AWS. I have highlighted very serious configuration issues which have helped organization in securing their Cloud Infrastructure.

Resume

Education

  1. Dronacharya College of Engineering, Gurgaon

    2015 — 2019

    Bachelors of Technology (B.Tech) - Information Technology

Work Experience

  1. Confidential

    August 2024 - Present

    Security Consultant August 2024 - Present
    1. • Working on multiple projects involving Infrastructure, Network, and Cloud Security assessments concurrently, offering guidance on understanding their business implications and devising actionable remediation strategies.
    2. • Undertook comprehensive security measures for both AWS cloud and on-premise infrastructure within the Red Team, ensuring complete protection and responsible red teaming practices.

  2. Payatu

    October 2021 - August 2024

    Senior Security Consultant April 2023 - August 2024
    1. • Managed multiple projects involving Red Team/Adversary Simulation, Network, and Cloud Security assessments concurrently, offering guidance on understanding their business implications and devising actionable remediation strategies.
    2. • Automated provisioning and configuration of Red Team infrastructure, including C2 servers, GoPhish, and Evilginx, utilizing Terraform, Ansible, and Docker automation. Achieved a 67% reduction in weaponization efforts through streamlining processes.
    3. • Undertook comprehensive security measures for both AWS cloud and on-premise infrastructure within the Red Team, ensuring complete protection and responsible red teaming practices.
    4. • Crafted a documentation framework employed as a collaborative knowledge repository for Red Team Assessments, facilitating the generation of timelines, recording significant events and details, ensuring thorough documentation of assessment’s activity.
    5. • Conducted client training sessions aimed at safeguarding against social engineering threats. Delivered comprehensive instruction on various techniques and tactics to fortify defenses against these types of attacks.
    Security Consultant May 2022 - March 2023
    1. • As a Co-Lead, provided guidance and oversight within the Red Team. Developed strategies for continuous training to ensure Red Team remained current with the latest technologies, resulting in a highly effective team within the organization.
    2. • Communicated and collaborated with clients, vendors, and relevant authorities to contribute to strategic planning, identify potential vulnerabilities, and devise effective risk mitigation strategies.
    3. • Developed and documented strategies and Standard Operating Procedures (SOPs) to optimize Vulnerability Assessments/Penetration Testing (VAPT) and Adversary Simulation (Red Team) practices within the organization, enhancing efficiency and effectiveness.
    4. • Crafted numerous Capture The Flag (CTF) challenges centered around Network and Cloud domains to support a recruitment campaign.
    Associate Security Consultant October 2021 - April 2022

    1. • Performed comprehensive security evaluations on client infrastructure and web applications through vulnerability assessments, penetration tests, red team simulations, and social engineering attacks. To identify security vulnerabilities, expedited remediation processes, and minimized overall risk exposure.
    2. • Automated internal and external network vulnerability and service scanning using wrapper scripts for tools like nmap, masscan, and nuclei, optimizing workload distribution and improving result accuracy while reducing scan time by 52% and inaccuracy by 3%.

  3. Web and Solution Architect (Intern) at Panchsheel Pvt. Ltd.

    January 2019 — May 2019

    Interned as a Web and Solutions Architect at Panchsheel Pvt. Ltd. Introduced many changes to their website incorporating many performances and security issues. Created several tests and scripts for optimisation & deployment of production-level changes eventually leading to faster deployments according to requirements from the Marketing and Sales team.

  4. Solutions Architect and Android Engineer (Intern) at Orgzit

    June 2018 — July 2018

    Interned as a Solutions Architect and Android Engineer at Orgzit. Created close to 50 Unique Solutions and Project Templates specially catering to the requirements and problems faced by Clients from various sectors/industries. Resolved some performance issues on Orgzit's mobile platform leading to better end-user satisfaction.

My skills

  • Web Application Security
    75%
  • Cloud & Offensive Security
    85%
  • Network VAPT
    90%
  • Social Engineering & OSINT
    80%

Contact

Get in Touch ?

Send Me an Email At :


Find my PGP Key :

As another option, you could choose to complete and submit this form.