Blog 


Hello World ! I'm Satya Prakash

Security Analyst | Bug Hunter | Security Researcher | Penetration Tester

About Me

Hi, I am Satya Prakash 👋

I am a Certified Ethical Hacker with over 7 years of experience in IT Security, specializing in Vulnerability Assessment & Penetration Testing (VAPT) and Red Teaming engagements. I have hands-on expertise in Web, API, Mobile, Cloud, and Network penetration testing, along with experience in threat hunting, risk assessments, and incident management.

Proficient in methodologies like OWASP Top 10, SANS Top 25, MITRE ATT&CK, and OSINT. Skilled with tools such as Burp Suite, OWASP ZAP, Nmap, Nuclei, Nessus, Metasploit, Wireshark, and more, including manual testing techniques. I also have strong knowledge of frameworks such as ISO 27001, SAMA, NCA, and NIST.

Beyond professional work, I actively participate in CTFs like TryHackMe and HackTheBox, and contribute to Bug Bounty & Responsible Disclosure Programs. My contributions have earned multiple Hall of Fame mentions, acknowledgments, and swags for high-quality vulnerability reports.

My Blog Download My Resume

Skills

Web Application Penetration Testing

Network Penetration Testing

Android Penetration Testing

API Penetration Testing

Operating System - Linux/Windows

Bash Scripting





Python

HTML/CSS

JavaScript

Automation

GitHub

YAML

Experience

TechnoVal, Hyderabad

Penetration Tester & Risk Analyst

Dec 2023 - Present

  • • Conducted Red Teaming engagements on critical client assets, testing endpoint security, firewall bypass techniques, insider threat simulations, and advanced adversary simulation techniques, including phishing, lateral movement, privilege escalation, and persistence tactics to test organizational defences.
  • • Delivered multiple VAPT (Remote) and Risk Assessment (Onsite) projects for clients, identifying vulnerabilities and providing tailored security solutions.
  • • Led Security Awareness Training for employees, educating them on the latest security threats and best practices to mitigate risks.
  • • Utilized ChatGPT for tool development and automating VAPT report preparation, improving content quality and report generation efficiency.
  • • Performed comprehensive Web, API, Mobile, and Network Penetration Testing using WhiteBox, GreyBox, and BlackBox methodologies.

Vatins, Hyderabad

Cyber Security Analyst

Apr 2023 - Oct 2023

  • • Led and executed Red Teaming engagements for external clients, simulating real-world attack scenarios to evaluate their security posture.
  • • Worked on Internal and External Penetration Testing activities on the client scope of assets and reported the findings with a detailed VAPT Report.
  • • Conducted the Onsite Internal Network Penetration Testing and Threat-hunting activities on the Local Law Enforcement Agencies.
  • • Delivered the security sessions to the local police departments on the latest emerging techniques on how to use Open-Source tools to find and retrieve the Information needed as part of their investigations.

My Next Film Pvt Ltd, Remote

Web Application Security Analyst

Sep 2022 - Feb 2023

  • • Worked on Internal and External Penetration Testing activities on the MyNextFilm website.
  • • Reported the findings with a detailed VAPT Report and created the Jira tickets for each vulnerability with the Remediation steps.
  • • Co-ordinated with the developers in fixing the reported vulnerabilities.

CyberXchange · Internship, Hyderabad

Ethical Hacking

May 2022 - September 2022

  • • Perform web application pentesting.
  • • Perform mobile application pentesting.
  • • Documentations and writing reports.

Bug Hunting

Independent Security Researcher

May 2022 - Present

  • • Received Multiple Hall of Fames
  • • Received Multiple Swags
  • • Received Multiple Acknowledgements
  • • Received couple of Acknowledgements from NCIIPC & CERT-In
  • • Looking forward to making more contributions to Secure the Digital Assets

Genpact, Hyderabad

Process Developer

Feb 2019 - April 2022

  • • Worked as a Process Developer - Digital Crime Unit (DCU) with the following job responsibilities:
  • • Maintain and improve upon, as necessary, the existing vulnerability management program, including maintenance of scanning tools and licensing, procedures, reporting, and client communications.
  • • Investigate and create cases for security threats while performing initial triage and escalate for further investigation and mitigation.
  • • Monitor Security Alerts and investigate phishing emails by leveraging tools such as Proofpoint or reported by the users.
  • • Scan the Internal/External Assets and report the security vulnerabilities and fix or patch them by co-ordinating with the assigned developers.

EC-Council, Hyderabad

Research Associate (Information Security)

July 2017 - August 2018

  • • Worked on Information Security projects and developed Courseware for Industry standard certifications like CEH, CND, ECSA of EC-Council.
  • • Tested iLabs and reported security vulnerabilities.

Hobbies

CTF [ THM-2%]

CTF [ HTB-Noob]

Research and explore new technologies and certifications

Bug Hunting

Follow-up latest security incidents

Programming and Automation

Watching Web Series & Movies

Certifications & Achievements

Certifed Ethical Hacker (Practical)

EC-Council

Verify Certificate

Credential ID:ECC5931847602

November 01, 2022

Certified Secure Computer User

EC-Council

Verify Certificate

Credential ID:ECC47685271912

August 09, 2018

Cybersecurity Essentials

Cisco

Verify Certificate

Credential ID:b69f2a68-802b-4cd2-9173-0246597168bd

June 02, 2021

Cybersecurity Fundamentals

IBM

Verify Certificate

Credential ID:14ddec48-5e6a-4dd6-a96b-da61e7e72f79

June 06, 2021

Introduction to Cybersecurity Tools & Cyber Attacks

IBM - Coursera

Verify Certificate

Credential ID:7BN23DCXZ6JQ

June 22, 2021

Foundations of Operationalizing MITRE ATT&CK

AttackIQ

Verify Certificate

Credential ID: 6711

September 20, 2022

Certified Network Security Specialist

ICSI, UK (International CyberSecurity Institute)

Verify Certificate

Certification ID: 17431995

May 02, 2020

Network Security Associate (NSE-1)

Fortinet

Verify Certificate

Certification ID: taiVyECPCN

September 18, 2022

API Security Fundamentals

APIsec University

Verify Certificate

Certification ID: bf6e7494-7f36-436a-b000-a3056f6221aa

May 25, 2023

Education

PG Diploma (Information Security)

Indira Gandhi National Open University (IGNOU)
Hyderabad, Telangana

2020 - 2021

Bachelor of Technology (Information Technology)

DVRCET/JNTUH
Sangareddy, Telangana

2013 - 2017

Intermediate (10+2)

Nagarjuna Junior College
Sangareddy, Telangana

2010 - 2012

Matriculation (10th)

St Anthony's High School
Sangareddy, Telangana

2009 - 2010

Projects

Here are some of my key open-source security projects:

  • NucleiFuzzer: – Automated security testing tool integrating multiple reconnaissance and fuzzing tools. [GitHub]

  • NetFuzzer: Network vulnerability scanner with automation using Nmap, SMB, RPC, and Nuclei. [GitHub]

  • Shodanizer: – Automation tool to optimize Shodan scans and generate actionable intelligence. [GitHub]

Achievements

Hall of Fame

Inflectra     November 2022   Check here!

 Nokia    January 2023   Check here!

 David Tvildiani Medical Univeristy    November 2022   Check here!

Acknowledgement

TryHackMe    February 2023   Check here!

RealPage, Inc    January 2023   Check here!

CERT-In (5+ Reports)    October to December 2022   Check here!

NCIIPC India (A unit of NTRO)    November 2022   Check here!

Appreciation/Recognition Letter

Zyxel    February 2023   Check here!

Panasonic    January 2023   Check here!

Swag

SIDN    January 2023   Check here!

CircleCi    January 2023   Check here!

Hacklido    January 2023   Check here!



Contact Us

Please consider to drop query for additional info!

[email protected]

+91 9949968828

Support Me

Support me by donating a cup of coffee 👇