⚡ Certified Penetration Tester (eCPPT)

Hello, I'm राहुल ठाकुर
Cyber Security Analyst

4+ years in Cyber Security — breaking Web Applications, Mobile Apps, APIs, and Network Infrastructure. Specialized in Hacking & Penetration Testing with 150+ security assessments completed.

150+ Assessments
4+ Years Exp
24/7 Available
Hire Me TryHackMe
Cyber Security Animation - Hacker Operations Center
root@kali:~/pentest
ONLINE
root@kali:~#
vulnerabilities
500+
Certified
eCPPT
Response
< 1hr
Trusted by Security-Conscious Organizations
eCPPTv2 Certified
MCRTA Certified
CRTO Soon..
Skills

Cybersecurity & Penetration Testing

Hands-on experience in identifying vulnerabilities, assessing security risks, and strengthening digital infrastructures through structured penetration testing methodologies.

Web Application PT

Comprehensive security assessment of web applications including OWASP Top 10, business logic flaws, and authentication bypass testing.

  • OWASP Top 10 Coverage
  • API Security Testing
  • Authentication Bypass
  • Business Logic Flaws

Mobile App Security

iOS and Android application security testing including reverse engineering, insecure storage, and communication testing.

  • Static & Dynamic Analysis
  • Reverse Engineering
  • Insecure Data Storage
  • Network Communication

Network Pentesting

Internal and external network penetration testing including firewall bypass, VLAN hopping, and privilege escalation.

  • Internal/External Networks
  • Active Directory Attacks
  • WiFi Security Testing
  • Firewall Evasion

API Security

In-depth analysis of REST, GraphQL, and SOAP APIs for security vulnerabilities and data exposure risks.

  • Authentication Flaws
  • Injection Testing
  • Rate Limiting Bypass
  • Data Exposure Analysis

Cloud Security

AWS, Azure, and GCP security assessments. Cloud infrastructure penetration testing and configuration review.

  • IAM Misconfigurations
  • S3 Bucket Analysis
  • Container Security
  • Serverless Testing
Experience

Where I've Worked

My professional journey in cybersecurity and penetration testing.

Security Analyst

@ QRC Assurance And Solutions Pvt. Ltd. Nov 2022 - Present
  • Conducted comprehensive Dynamic Application Security Testing (DAST) on web, mobile, API, and thick client applications using manual techniques and automated tools, aligned with OWASP Top 10 standards.
  • Performed Vulnerability Assessment and Penetration Testing (VAPT) for both external and internal networks, identifying critical security gaps across diverse infrastructures.
  • Executed PCI ASV scans using QualysGuard to support organizations in achieving compliance readiness.
  • Utilized security tools including Nessus Professional, Nmap, Burp Suite, OWASP ZAP, Acunetix, QualysGuard, SQLmap, Netsparker, Metasploit, MobSF, ADB, APKTool, Frida, Objection, and Postman for comprehensive security testing.
  • Conducted Static Application Security Testing (SAST) using HP Fortify to identify code-level vulnerabilities during early SDLC stages.
  • Delivered detailed client-facing reports with proof of concept (PoC), risk assessments, and actionable remediation strategies to enhance security posture and mitigate risks.

Penetration Tester Intern

@ Cybertix.in Jul 2022 - Sept 2022
  • Web application penetration testing based on OWASP Top 10 methodology
  • Daily reporting and coordination with team leads on critical findings
  • Hands-on experience with Burp Suite, OWASP ZAP, and automated scanners
  • Developed custom Python scripts for reconnaissance automation

Cyber Security Engineer Intern

@ VTF Virtually Testing Foundation May 2022 - June 2022
  • Completed 7 weeks of intensive security training program
  • Weekly assignments covering penetration testing methodologies
  • Practical labs on network security, web exploitation, and forensics
  • Contributed to CTF challenges and community security research

Cyber Security Intern

@ CSI Cyber Secured India (Feather's Group) Jan 2022 - Apr 2022
  • Mastered web fundamentals, networking, TCP/IP, OSI Model, and protocol analysis
  • Hands-on training with OWASP Top 10, Burp Suite, and reconnaissance techniques
  • Android pentesting and static/dynamic analysis using Frida and MobSF
  • Windows and Linux privilege escalation techniques
Certifications

Professional Certs

Industry-recognized certifications validating my expertise.

eCPPTv2

Certified Professional Penetration Tester

Verify

MCRTA

Multi-Cloud Red Teaming Analyst

Verify

THM-JPT

Jr. Penetration Tester

Verify

API Penetration Tester

API Security Testing Certified

Verify
Skills

Technical Arsenal

Tools and technologies I use to break and secure systems.

Penetration Testing

Web PT
Mobile PT
API PT
Network PT
Burp Suite
Recon

Development & Tools

Python/Bash
SQL/MongoDB
Git/Docker
Linux/Windows
Cloud PT
Report Writing
Beyond Work

Personal Interests

What I do when I'm not breaking systems or writing reports.

Continuous Learning

Always exploring new security research, CVEs, and emerging threat landscapes.

CTF Competitions

Participating in Capture The Flag events and bug bounty programs for fun and skill sharpening.

Open Source

Contributing to security tools and sharing knowledge with the community.

Gaming

Immersive gaming sessions exploring virtual worlds and competitive multiplayer experiences.

Art & Sketch

Capturing ideas and visions through digital and traditional sketching techniques.

Explorer

Discovering new places, cultures, and experiences through travel and urban exploration.

Deep Space Enthusiast

Passionate about astronomy, cosmic phenomena, and the mysteries of the universe.

Get In Touch

Send Me a Message

Have a project in mind or want to discuss security? Fill out the form below.

03. What's Next?

Get In Touch

Available for freelance security projects. If you want to make your organization more secure and resilient against cyber threats, feel free to get in touch, I’d be glad to assist.

Say Hello

Pentest Assistant

👋 Welcome to My Portfolio! I'm your security assistant. How can I help you today?
Services Contact