About

Computer science engineer with a keen interest in the field of information security and secure software development. I specialize in Web application penetration testing, API penetration testing and have decent skills in full stack web development. I write tech blogs on the topics that I find interesting.

  • Address: Bokaro, India
  • Email: aamiropti@gmail.com
  • Resume: Download

Interests

Penetration testing

Secure software development

Full stack development

Bug hunting

Software Engineering

Algorithms

Education

Integrated M.tech, Computer Science

2018 - 2023
Relevant Coursework
  • Computer and network security
  • Database and web development
  • Data structures and algorithms

Online Certification

Google IT support

Certified Network Security Specialist

Data Structures and algorithms

Introduction to Cybersecurity

Cybersecurity Essentials

Experience

Atlan

October 2022 - April 2024

Security Engineer

  • Conducted multiple internal/external VAPT and liased with external auditors.
  • Built an automation on CI/CD pipelines to triage and notify SAST/DAST/IaC and secret scans..
  • Cloud Security Posture Management, SIEM, Security Operations.
  • Sucessfully achieved SOC2, GDPR and HIPAA compliance.
  • Built responsible disclosure program from scratch and automated all redundant process.

Payatu

February 2022 - Present

Security Consultant Intern

  • Worked on penetration testing, user acceptance testing, code review, API testing etc for various clients.
  • Prepared thorough reports including description, PoC, severity and mitigation for the test results.
  • Published blogs on various topics related to web application security.

SecureLayer7

October 2021 - January 2022

Security Consultant Intern

  • Worked for various national and international client on penetration testing projects.
  • Performed WAPT, API PT , prepared attack narrative and deatiled PoCs.

National Critical Information Infrastructure Protection Centre.

June 2021 - July 2021

Security Research Intern

  • Worked with government of India on the develpment of a highly confidential automation tool.
  • Migrated from CLI based automation to full fledged web application that offers one-click processing.
  • The tool is being used by India's nodal agency for Information Security.

Hackdev Technology Pvt. Ltd.

August 2021 - October 2021

Security Analyst Intern

  • Developed CTF labs for training and deployed them using dokcer.
  • Worked on VAPT for both internal Infrastructure and external clients.
  • Performed secure integration of payment gateway.

Cybersapiens United LLP

Feb 2021 - August 2021

Red Team Intern

  • Red team assessment for various clients.
  • Conducted workshops and training sessions related to web application security.

Projects

Gamified approach to information security Training.

Web Vulnerability Scanner Framework

Sharecare Solutions

Agro-krishi

Agro-KRISHI

Skills

Languages and Databases

C++ vectorlogo.zone vectorlogo.zone vectorlogo.zone upload.wikimedia.org vectorlogo.zone

Frameworks

vectorlogo.zone vectorlogo.zone vectorlogo.zone vectorlogo.zone

Tools

vectorlogo.zone vectorlogo.zone vectorlogo.zone vectorlogo.zone vectorlogo.zone vectorlogo.zone

My blogs

What does a Cyber Security Analyst Do?

cyber-security-analyst

MITRE ATT&CK Framework

mitre-att-ck-framework

JWT Attacks

feature-image

Content Security Policy.

Spring4Shell CVE 2022-22965.

OTP Bypass using Burp Suite

Contact

Social Profiles

Email

aamiropti@gmail.com