Rohit Kumar

Cybersecurity Researcher | VAPT Specialist | Penetration Tester

CyberSecurity Professional with over 5.5 years of experience, including 3.5 years in freelance bug bounty hunting and 2+ years in Internal roles. Skilled in web application vulnerability analysis, CTFs, VAPT and CVE researcher. Currently working as a Cyber Security Research Engineer at Rapifuzz Pvt Ltd and pursuing the OSWE Certification. Brings strong hands-on experience in penetration testing and security assessment.

Get In Touch View Projects
01101000 01100001
01100011 01101011
01100101 01110010
01110110 01100101
01100111 01100001
01110011 00110000
00110000 00110001

About Me

I am a passionate Cybersecurity professional with a strong focus on Vulnerability Assessment and Penetration Testing. My expertise extends to cryptography, secure coding practices, and network security.

Currently pursuing OSWE Certification, I am constantly expanding my knowledge and skills in the rapidly evolving field of information security.

rohit76380verma@gmail.com
+91 8630588013
Roorkee, Uttarakhand, India

My Skills

Security

Web Penetration Testing
VAPT
Andorid Penetration Testing
Network Penetration Testing
Cloud Security Testing
Bug Bounty & Responsible Disclosure
Windows & Linux System Administrator

Programming & Scripting

Bash
PowerShell
Python
Ansible

Tools & Technologies

Automation Tools
AWS
MySQL
GitHub
Docker
Splunk
BurpSuite
Ghidra

Projects

CVE-2024-26521

HTML Injection vulnerability in CE Phoenix v1.0.8.20 and before allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted payload to the english.php component.

Penetration Testing Bug Hunting

Offensive-Security Certified Professional Notes.

Offensive Security Certified Professional Notes

OSCP Penetration Testing Security

Youtube Channel

CyberSecurity Youtube Channel.

CTFs CyberSecurity Network Security

Nmap Port Scanner

Python-based port scanner that detects open ports on single or multiple IPs, supports custom port ranges, uses socket timeouts for efficiency, and provides color-coded output.

Python Network Security Socket Programming

Experience

CyberSecurity Research Engineer

Rapifuzz Pvt Ltd.

Jan 2023 – Present
  • Conducted vulnerability assessment and penetration testing manual and using automation tools.
  • Performed manual testing to identify security vulnerabilities in web applications
  • Documented findings and provided remediation recommendations to clients
  • Create new workflows and modifying exiting workflows/DFDs ad per product changes, requirement and help optimize the application.
  • Create and identify vulnerable applications for security research and testing.
  • Discover and research new product features, new scenario, or test cases to create or identify vulnerable applications.
  • Research, Outline, Write, and edit new and exiting flows/technical documentation.
  • Technical writing of blogs and research papers on relevant topics, as per specialization.
  • Perform VAPT (Vulnerability Assessment and Penetration Tesitng) on Web and API Endpoints.

Freelance Security Researcher

Bugcrowd, Hackerone | Remote

Jan 2020 – Jan 2023
  • Performed full time-bug hunging and responsible disclosre on platforms including Hackerone and Bugcrowd.
  • Discovered and reported critical vulnerabilities including XSS, IDOR, SSRF, Privilege Escalation and Authentication Bypass across various private and public programs.
  • Earned multiple Acknowledgements and bounties from global tech companies.
  • Devloped custom scripts and tools to automate reconnaissance and testing workflows.
  • Maintained detailed documentation for reported vulnerabilities with proof-of-concept (PoC) and impact analysis.

Education

BSC in Computer Science

Sri Dev Suman University, Uttarakhand

2016 – 2020

Class XII

RMPPV Inter College

2016

Percentage: 78.8%

Class X

RMPPV Inter College

2014

Percentage: 43.6%

Certifications

Certified Ethical Hacker (CEH)

EC-Council

CompTIA Security+

CodeRED

Computer Hacking Forensics Investigator (CHFI)

Thetechunique

Offensive Security Web Expert (OSWE)

Offensive Security

In Progress

Achievements

Advent of Cyber 2022

Issued on December 24, 2022

Advent of Cyber 2021

Issued on September 10, 2022

Trainings & Courses

TryHackMe Security Paths

  • Pre Security
  • Jr Penetration Tester
  • Web Fundamentals
  • Offensive Pentesting
  • CompTIA Pentest+

SimpliLearn Training

  • CompTIA Network+
  • Introduction to Cyber Security
  • Linux Training

Udemy Security Courses

  • Complete Ethical Hacking Bootcamp
  • Complete Ethical Hacking Course With ParrotOS 2022

EC-Council CodeRed

  • Top 100 Interesting Bugs
  • Getting Started with IoT Security
  • Introduction to Web Forensics
  • Cybersecurity: Cloud Security
  • CompTIA Security+

Get In Touch

Email

rohit76380verma@gmail.com

Phone

+91 8630588013

LinkedIn

Connect with me