available for work

Web Application Pentester.

Self-taught security researcher focused on web application vulnerabilities, recon automation, and OWASP Top 10 methodology. Building practical skills through real-world testing and open-source tooling.

17 months hunting
30+ reports submitted
4★ open source tool

Reconnaissance

Subdomain enum, Asset discovery, JS analysis, Endpoint mapping, Subfinder, Assetfinder, httpx, crt.sh

Web App Testing

OWASP Top 10, IDOR, XSS, SQLi, CSRF, Auth bypass, Path traversal, Open redirect

Tools

Burp Suite, Nmap, Nikto, Wireshark, Postman, OWASP Juice Shop, PortSwigger Labs

Scripting

Python, Bash / Shell, JavaScript, SQL, Kali Linux, Report writing

Cybersecurity Vault

Open-source curated reference covering payloads, tools, and techniques for web application pentesting. Includes XSS, SQLi, LFI, command injection, and subdomain takeover references.

HTML Payloads Reference
Session

The Logout That Wouldn't Die

Replay attack on session logout — logic flaw analysis and remediation walkthrough.

Recon

Write-up coming soon

Methodology post on subdomain enumeration and asset discovery workflow.


PortSwigger Web Security Academy

SQLi, XSS, CSRF, IDOR, Authentication, Path Traversal, Access Control — Apprentice + Practitioner levels

completed

OWASP Juice Shop

Hands-on exploitation of an intentionally vulnerable web application across multiple vulnerability categories

completed

Blockchain Security & Smart Contract Auditing

EVM, DeFi protocol vulnerabilities, reentrancy, flash loans, access control flaws — self-study

completed

Let's work together.

Open to entry-level VAPT and application security roles. Based in India, open to relocation.

Aman.Singh.Pentest@gmail.com