Vaishnavi Researcher

Cybersecurity Expert

Pune, Maharashtra, India 3+ yrs exp 86 · Excellent

About

Cybersecurity professional with 1+ year of hands-on penetration testing at a product-based SaaS company and 2+ years of freelance bug bounty research across 70+ organizations including SANS, SAP, and Intuiface. Surfaced 80+ vulnerabilities that automated scanners missed, working across web applications, Android mobile, APIs, and network infrastructure. Looking to bring offensive security expertise to a team where finding what others overlook is the mission.

Skills & Expertise (31)

Burp Suite Advanced

8.3/10

Years Exp

DAST Web CVSS scoring Threat Modelling NIST PTES OWASP WSTG Bash Python IPS IDS Firewalls VPN TLS SSL DNS HTTP/S IP TCP SQLmap WIRESHARK Burp Suite Pro GraphQL REST API Metasploit Nmap Network MobSF apktool

Work Experience

Cybersecurity Expert

Contractor+

Apr 2025 - Present

Conducted black-box and grey-box web application & API penetration tests (static + dynamic analysis) on internal products, identifying 30+ critical and 50+ medium/high severity vulnerabilities. Discovered authentication bypasses, logic flaws, and weaknesses in the key derivation function that automated scanners (DAST/SAST) failed to flag. Performed VAPT on internal network IPs, including infrastructure mapping, firewall analysis, and protocol-level exploitation. Delivered detailed, executive-ready vulnerability assessment reports with severity ratings, reproduction steps, and prioritized remediation roadmaps. Validated all findings end-to-end, from proof-of-concept exploit to confirmed patch - minimizing false-positive noise for the engineering team.

Freelance Cybersecurity Researcher

Independent

Jan 2023 - Jan 2025

Identified and responsibly disclosed vulnerabilities across 70+ organizations via bug bounty and VDP programs. Earned Hall of Fame recognition at SANS Institute, SAP, and Intuiface for impactful security contributions. Specialized in OWASP Top-10, IDOR, authentication flaws, injection attacks, and business-logic abuse across web & mobile apps. Self-directed: end-to-end ownership from recon and exploitation through developer-friendly disclosure write-ups.

Education

B.E. Computer Engineering

2021 - 2023 · Afghanistan

Diploma in Computer Engineering

2018 - 2020 · Afghanistan

Certifications

No certifications added yet

Interested in this developer?

Profile Score Breakdown

📷 Photo 10/10

📄 Resume 10/10

💼 Job Title 10/10

✍️ Bio 10/10

🛠️ Skills 20/20

🎓 Education 10/10

⏱️ Experience 11/15

💰 Rate 0/5

🏆 Certs 0/5

✅ Verified 5/5

Total Score 86/100

Profile Overview

Member sinceMay 2026

Skills (31)

Click a skill to find developers with the same skill

Burp Suite DAST Web CVSS scoring Threat Modelling NIST PTES OWASP WSTG Bash Python +21 more

Similar Profiles

Prasanth S

Cybersecurity Professional

Srivigneshwaran S

CyberSecurity

JAYA KUMAR

CyberSecurity

Adhivivek Gudla

Cybersecurity

View All Developers →