Harsh Kumar
Ever wondered who's watching your back in the digital jungle? Thatโs where we come in, swinging from line to line of code like a cybersecurity Tarzan! ๐๐ฆ
By day, Iโm cracking codes and fortifying digital defence as a cybersecurity engineer. It's not just about breaking in; itโs about building digital moats so deep that even dragons would think twice! ๐๐ก๏ธ When the workday ends, I donโt just kick back; I thrive into bug bounty like a cyberPunk, seeking vulnerabilities wherever they may hide. ๐ต๏ธโโ๏ธ๐ฐ
But life isnโt just about bits and bytes; itโs also about chasing the wind on two wheels. Youโll catch me every Sunday morning, pushing the limits of speed and thrill on my bike, leaving no road unexplored and no speed limit untested! ๐ดโโ๏ธ๐จ
When I'm not deep in the hunt, you'll find me diving into self-help and business books, absorbing insights faster than a security algorithm processing encrypted data! ๐๐ก I also thrive on building connections, smashing sixes on the cricket field, acing volleyball serves, and exploring our world with the curiosity of a cybersecurity explorer. ๐๐๐
Who am I?
With 3+ years of comprehensive experience in web security, I have honed my skills in web security. In addition to my hands-on experience in web security, my bug bounty passion has played a critical role in providing a strong foundation for my career.
Here is my professional background.
Cyber Security Engineer
- Lead efforts in identifying and resolving security issues, implementing advanced measures like threat modeling and automation tools.
- Optimized Product Security Clearance process and conducted a developer bootcamp to enhance cybersecurity awareness.
Bug Bounty Hunter
- Discovered critical bugs for numerous multinational corporations and featured in the Hall of Fame for Apple, Google, Microsoft, and over 30 other MNCs.
Security Services Associate
- Conducted comprehensive security assessments for diverse sectors, led VAPT for a Fortune 500 Telecom Giant.
Blog
- Posted on: March 22, 2025 at 04:45 AM
Hacking GraphQL Applications: Part 2
- Posted on: March 11, 2025 at 06:30 PM
Hacking GraphQL Applications: Part 1
- Posted on: September 13, 2019 at 01:00 AM
Everything required to test a novel OAuth 2.0 implementation.
Featured Projects
Stay tuned for a series of captivating personal projects on the horizon!"
SentinelSSH
SentinelSSH: Advanced CVE-2024-6387 Vulnerability Scanner is an advanced, high-performance SSH vulnerability scanner written in Go. It's specifically designed to detect the CVE-2024-6387 vulnerability in OpenSSH servers across various network environments.
One Liner
The main goal is to share tips from some well-known bug hunters. Using recon methodology, we can find subdomains, APIs, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters.
MantraMatch
MantraMatch - A Go-powered tool for security engineers to swiftly identify and verify unknown API keys. It analyzes keys against a comprehensive service database, detecting potential threats and unauthorized access. Enhance your API security posture with rapid assessment of key origins, validity, and associated risks.
xploitfree-scanner
An Automated Multi-Tool Web Application Scanner. It is quite a mess for a pentester to perform binge-tool-scanning (running security scanning tools one after the other) sans automation. Unless you are a pro at automating stuff, it is a herculean task to perform binge-scan for each and every engagement. The ultimate goal of this program is to solve this problem through automation; viz. running multiple scanning tools to discover vulnerabilities, effectively judge false-positives, collectively correlate results and saves precious time; all these under one roof. Enter Xploitfree scanner.
Contact
Let's be awesome together!
As a cybersecurity enthusiast, I thrive on hacking and overcoming new challenges. If you're interested in collaborating or creating something great, don't hesitate to get in touch!
Get in touch!