A passionate cybersecurity enthusiast with a proven track record in Vulnerability Assessment & Penetration Testing, Security Research, and Bug Bounty Hunting. Got recognized by 200+ companies for reporting various security issues over the past 4 years.
🎯 Professional Expertise:
With a solid understanding of information security, I specialize in conducting comprehensive Pentesting for various technology aspects:
✅ Web Application
✅ APIs
✅ Mobile Application (Android & iOS)
✅ Internal & External Network
✅ Python and Bash scripting for automation.
✅ YAML for writing custom signatures to identify vulnerabilities in the wild.
I have elementary knowledge of Thick Client Pentesting and Cloud infrastructure (mainly AWS) as well, with years of experience in writing comprehensive technical reports, along with high-level executive reports.
🐛 Some of my findings in CRM and other assigned CVEs:
✅ Microsoft Dynamics CRM
✅ SAP
✅ CVE-2022-32436,32437,32438,32439
✅ CVE-2022-32068,32069
🚀 Achievements & Recognition:
I've registered multiple CVEs and appointed as HackerOne Ambassador. I am also part of Synack Red Team and Detectify, currently in an all-time top 175 hackers globally at bugcrowd and recognized as Bounty Slayer (2x) and MVP (5 times).
🏆 Certifications:
My commitment to excellence has led me to achieve various globally recognized industry-standard certifications, including CREST - CPSA, CEH v11, and certificates offered by eLearnSecurity and TheSecOpsGroup for Web, Mobile & Network. These certifications validate my skills and dedication to the domain of cybersecurity.
🌐 Get in Touch:
I'm always eager to connect with like-minded professionals and individuals who share the same passion. I am open to new opportunities and contract basis work (both short-term and long-term). Feel free to reach out via email at uditpratap25@gmail.com or over LinkedIn/Twitter if you see my profile a potential fit.
🔍 AMA, talks and other coverage:
- Recognized by NCIIPC (Gov. of India): https://www.nciipc.gov.in/documents/NCIIPC_Newsletter_July19.pdf
- AMA: https://twitter.com/sillydadddy/status/1365603413623377922
- Talk with ResetHacker: https://www.youtube.com/watch?v=ZxKsmXAWMrs
- Twitter: https://twitter.com/udit_thakkur
📝 Blogs:
- Empirical Analysis of ApacheServer - Path Traversal & RCE: https://secops.group/an-empirical-analysis-of-apache-server-2-4-49-and-2-4-50-file-path-traversal-and-remote-code-execution-vulnerabilities/
- Learning Path for BugBounty: https://medium.com/hackcura/learning-path-for-bug-bounty-6173557662a7
Performance Stats