About Me
I'm a cybersecurity professional with 2+ years under my belt. My main expertise? Penetration testing web, Android, and iOS applications, especially for BFSI clients. I excel at getting past tricky security features like SSL pinning and root detection, often with Frida and Objection. I now leverage AI and locally hosted LLM models to enhance my work, from automating tasks to refining custom security tools. Plus, I always ensure my security assessments align with industry regulations. I'm passionate about learning constantly and keeping up with the latest threats. Ultimately, I aim to empower organizations to boost their security by sharing what I know and using advanced, proactive methods.
Experience
Consultant - Cyber Defence & Resilience June 2025 - Present
Deloitte Touche Tohmatsu LLP - Mumbai, Maharashtra
• Leading comprehensive security assessments of applications for more than 10 clients.
• Developing and integrating AI algorithms to refine script effectiveness and adapt to evolving threats.
• Driving efficiency by actively exploring and implementing AI-driven automation frameworks, potentially leveraging locally hosted LLM models and specialized Model Context Protocol (MCP) servers .
• Mentoring and empowering client teams on best practices in application security. This includes educating teams on the practical applications of AI in cybersecurity, such as threat intelligence analysis and anomaly detection.
• Collaborating closely with diverse stakeholders, including senior client leadership, to translate complex security challenges into actionable strategies and present comprehensive assessment findings and recommendations.
Senior Analyst - Cyber Defence & Resilience June 2024 - May 2025
Deloitte Touche Tohmatsu LLP - Mumbai, Maharashtra
• Performed security assessments for 25+ applications, identifying critical vulnerabilities such as SQL Injection, XSS, and insecure authentication.
• Developed custom Frida scripts to bypass SSL pinning and root detection mechanisms.
• Automated the reconnaissance phase using a custom Linux-based tool, improving efficiency by 30%.
• Trained internal teams on mobile application security assessments.
Analyst - Risk Advisory - Cyber Operate April 2023 - May 2024
Deloitte Touche Tohmatsu LLP - Mumbai, Maharashtra
• Performed security assessments and revalidations for 15+ applications.
• Developed automated python scripts for assessing commonly found vulnerabilities.
• Supported multiple clients in remediation vulnerabilities across various technologies.
Certifications
Education
Post Graduate Diploma in Cybersecurity & Forensics 81%
CDAC, Tiruvanathapuram, Kerela 2022
Master of Business Administration 72%
TMBU, Bihar 2021
Bachelor of Engineering 71%
RPSIT, Bihar 2017
Personal Projects
Reconnaissance Tool for Linux
A custom tool to automate initial scanning and data gathering for penetration testing.
• Increased efficiency during reconnaissance by 30%.
• Supports multi-threaded scanning and API integration.
Interactive Vulnerability Manager
A Docker-hosted vulnerability management tool aligned with OWASP and PCI-DSS standards.
• Features include state saving, CVSS scoring, and PDF/Excel export options.
• Facilitates efficient vulnerability tracking and management.
DNS Server
A private DNS-server for efficient network routing and control.
• Effectively monitoring and blocking privacy invading services.
• AI based optimization for blocking unwanted services.
Skills
Cybersecurity Tools
BurpSuite
OWASP ZAP
Frida
Objection
MobSF
JadxGui
Ghidra
Other Tools & Platforms
Docker
Git
Kali Linux
Metasploit
WireShark
Security Mechanism Bypass
SSL Pinning
Root Detection
Hooking Detection
Frameworks
OWASP Top 10
Common Weakness Enumeration
Comman Vulnerabilities & Exposures
Networking
TCP/IP
VPN
Firewall
DNS Filtering
Soft Skills
Research Methodology
Communication
Teamwork
Collaboration
Client Interaction
Continuous Learning