Rahul Thakur

Infosec Enthusiast | WAPT |VAPT [email protected]

https://www.linkedin.com/in/rahul-thakur7/
https://github.com/Rahul-Thakur7

Motivated and detail-oriented Penetration Tester with 9 months of experience in Web App Penetration
Testing, Vulnerability Assessment. Self-motivated, and a keen learner with knowledge of Tools aswell as
Manual Testing.

Education
BNN College Bhiwandi, University of Mumbai [2018- 2021]
Bachelor of - Computer Science |7.43 CGPA |

Experience

QRC Assurance And Solutions Pvt. Ltd. | Analyst – Security [present]

 Responsibilities – Vulnerability Assessments, Penetration Testing. Device Hardening, Application

Security Assessments, Log Review, Review of Documents, Network Monitoring and Reporting.

Cybertix.in | Cybersecurity Researcher & Pen Tester [link] [1 Jul – Sept 2022]
 Web App Pen Testing - Prepared checklist according to the industry standards & Performed
Manual Web App Pen Testing as well as used Tools like Nmap, Burp Suite, OWASP ZAP,
Wapiti,Recon-ng, GoogleDorking, Shodan, Fuff, Dirbuster, Wappalyzer. Found va rious
Vulnerabilities like XSS, Rate limit, Auth issues, various exposed Ports, File upload
Vulnerability, outdated & vulnerable versions of Technologies.
 Worked on 10+ website for Penetration Testing.
 Work - I Follow OWASP checklist and guide during projects
- Making professinol reports about findings and updating Team lead

Virtually Testing Foundation |Cyber Security Engineer Intern [link] [May 2022 –Jun 2022]
 Completed 7/10 week internship and secured place in 150 outoff 1300 interns
 Worked on given security related task and solved 17+ tryhackme rooms and given courses
 Created professional reports about findings and tasks submitted on given time.
 Learnt to practically apply my skills to break into the systems

Feather's Group |Digital Investigation and WAPT [link] [Jan 2022 –May 2022]
 Learnt practical based WAPT VAPT
 Web technology , web programmming , OWASP top 10 vulnerability
 Completed hacking task( WebGoat, Sqli audi beginner, tryhackme, portswiggerlab)
 Learnt Android Application Pentesting basic
 Solved CTF machine and created reports on CTF exam
 Learnt about real-world recon tools and technique, social engineering tools to attempts and
practically to find security vulnerability.

Skills
 Network, Web App & | VAPT |
 OS - Windows, Kali Linux,
 Networking - OSI Model, TCP/IP , Ports & Protocols
 Tools - Nmap, Burp Suite, Wireshark, Nessus, Recon-ng, Shodan, Dirbuster, OWASP ZAP,
SQLmap, Metasploit, Fuff , Nikto, John the Ripper
 Scripting – Basic Bash, Python
 Databases – SQL, Nodejs
 Web Development - HTML, CSS, Basic
CERTIFICATIONS & RELEVANT COURSES

 MCEH (WAPT/VAPT Cyber security training certificate) –Metaxone solution PVT. LTD. [link]
 Cybrary – Introduction to Cybersecurity
 Pentesting and Securing Web Applications– Udemy
 Diploma in Ethical Hacking and Penetration Testing – Alison [link]
 AWS Training (Linuxworld informatics Pvt. Ltd) [link]
 Hands-on Android Security –Alison [link]

Activities
 Achievements - Successfully qualified level 1, 2 in ISAC and CIT CTF
 Hall of Fame - santos
 CTF/Hackathons - Actively participating in CTF competitions Besides CTFs, etc. and actively
playing CTFs on platforms like TryHackMe 70+ lab solved and reached Top 2%,
HackTheBox,
 Courses, Learning Path on Portswigger,
 Bootcamps - Attended 14 Weeks Practical Network Penetration Tester Certification Bootcamp
by TCM Security and many different Bootcamps by different organizations

Projects
 Port Scanner - A simple Port Scanner using sockets in Python [link]

 Network - Network is simple and beautiful UIUX based Webapplication where people can chat
anonymously with friends without privacy issue. [link]

Techstack - Nodejs, Git, Heroku