Aman Singh

Objective

A highly motivated and skilled Pentester and Bug Bounty Hunter with hands-on experience in web application security, vulnerability testing, and ethical hacking. Seeking a position to leverage my skills and knowledge in a Product Security Analyst role to contribute to securing digital platforms and enhancing security protocols.

Skills

• Proficient in manual and automated security testing tools like Burp Suite, Nmap, SQL and TOR.
• Expertise in identifying vulnerabilities like IDOR, XSS, SQL Injection, Remote Code Execution, and Security Misconfigurations.
• Expertise in OWASP Top 10 vulnerabilities and remediation.
• Experienced in submitting bugs on bug bounty platforms like HackerOne.
• Knowledge of network security and vulnerability scanning.
• Proficient in Python, Bash, JavaScript, and basic scripting for automating security tests.

Technical Proficiency

• Networking & TCP/IP (1+ years): Identifying network-based attack vectors.
• Web App Pentesting (1+ years): OWASP Top 10 focus, real bugs on HackerOne.
• Burp Suite (1+ years):Manual testing, Repeater, Intruder and Scanner
• Nmap (1+ years): Network enumeration, service detection, Port Scanning.
• Tor (1 years): Anonymous browsing and traffic obfuscation for research and testing.
• Wireshark (1 years): Packet analysis for traffic inspection and troubleshooting.
• SQL (1 years): Manual query crafting for SQL injection testing and data retrieval.
• Python (2 years): Automation scripts, simple exploits, parsing tools for bug bounty hunting.
• JavaScript (2 years): XSS payloads, client-side logic during pentests.
• Bash/Shell (1 years): Automated enumeration, scanning, system tasks in Kali Linux.

Experience

• Bug Bounty Hunter - Freelance (July 2024 – Present)
  • Conducted vulnerability assessments and penetration tests on various applications.
  • Reported and tracked findings through bug bounty platforms on HackerOne.
  • Prioritized vulnerabilities based on severity and impact to assist clients in mitigating risks.
  • Performed penetration testing on web applications, networks, and mobile applications for small businesses.
  • Used tools like Burp Suite, Nikto, and Nmap to identify security vulnerabilities.
  • Generated comprehensive reports and recommendations for enhancing security measures.
  • Delivered client presentations on vulnerabilities found and risk mitigation strategies.

Projects

• Vault Repository[GitHub] – Created Cybersecurity Vault containing Real-World use of Tools and Techniques for Testing.

Education

Class 12 (Science, Math, Computer Science) - CBSE, India (Passed: 2024)

Languages

• English: Proficient
• Hindi: Native

Interests

• Bug Bounty Hunting
• Ethical Hacking
• Cybersecurity Research
• Networking and Technology