M14R41 
Madhurendra K...
About Me
Hi, I'm Madhurenddra. Let me share a bit about myself.
Senior Information Security Consultant with over 50x CVEs on my name. Certified as a Master in Certified Ethical Hacker (CEH) by EC-Council and a BugHunter, I am actively engaged as a Security Researcher. Currently preparing for the CRTP Certification and continuously working towards further certifications.
I have completed my Master degree in MCA 2022 to 2024 year.My expertise includes Web Application PT, API PT, Android PT, Thick Client PT, Secure Code Review, Network PT, and basics of Cloud pentesting. I am proficient in Computer Networking, Bash-Scripting, and major programming languages, operating across all major operating systems, and currently enhancing my knowledge in Cloud, Network, and Firewall Security. I actively engage in Bug Hunting and exploring Red Team Attack Vectors, expanding my skills on platforms like TryHackMe and Hackthebox.
I possess hands-on experience with a wide range of tools including: Burp Suite Pro 🌐, Acunetix 🌐, Fortify-WebInspect 🌐, HCL-AppScan 🌐, invicti netsparker 🌐, wp-scan 🌐, Nikto 🌐, Dirsearch,Dirb,WFuzz 🌐, SQLMap 🌐, OWASP ZAP 🌐, Nmap 🌐, ADB 📱, MobSF 📱, Frida 📱, Objection 📱, APKTool 📱, JADX-GUI 📱, Android-Studio/Genymotion/Nox-Player 📱, Drozer 📱, Magisk Root 📱, APKX 📱, SSLUnpinning_Xposed 📱, mitmproxy 📱, Postman 📡, SoapUI 📡, Wordlist seclists & Assetnote 📡, Kite Runner 📡, SonarQube 🔐, Semgrep 🔐, Fortify-WorkbenchAudit 🔐, Snyk 🔐, OpenText™ Fortify™ SAST 🔐, Checkmarx 🔐, Veracode 🔐, VCG 🔐, VSCode, Fiddler/Echo Mirage/Burpsuite 💻, Sysinternals Suite 💻, SigCheck 💻, TCPView 💻, Strings.exe 💻 CFF Exploer/DedectItEasy 💻 Procmon 💻, Dnspy/ILSpy/Dot Peek 💻, Process Explorer/Process Hacker 💻, de4dot 💻, IDA Pro 💻, DCPdump/Wireshark, x64dbg 💻, Ghidra/OllyDbg 💻, RegShot/Volatility 💻, Nessus 🕸️, Metasploit Framework 🕸️, SMBclient 🕸️, TCPdump 🕸️ Ettercap 🕸️, Netcat 🕸️, PowerUp.ps1 🧑🏽💻, InviShell 🧑🏽💻, Find-PSRemotingLocalAdminAccess.ps1 🧑🏽💻, AmsiTrigger 🧑🏽💻, BetterSafetyKatz.exe 🧑🏽💻, BloodHound🧑🏽💻, DefenderCheck 🧑🏽💻, Invoke-SessionHunter.ps1 🧑🏽💻, Loader.exe 🧑🏽💻, mimikatz 🧑🏽💻, Rubeus.exe 🧑🏽💻, SafetyKatz.exe 🧑🏽💻, SharpKatz.exe 🧑🏽💻, winPEASx64.exe 🧑🏽💻 etc...
I actively seek collaborations with fellow InfoSec enthusiasts for Red Teaming.
Medium Blog Blogspot Articles
Skills
Perform Vulnerability Assessments
Web Application Penetration Testing
API Penetration Testing
Android Pentesting
iOS Pentesting
Secure Code Review : SAST
Thick Client Pentesting
Cloud Pentes Pentesting
Domain,Sub-domain configuration and cloudflared
Wifi Hacking
Dev SecOps
Automation : Bash and Python scripting
Git/ Github
Bash, Python, Powershell, HTML/CSS/JS, C, C++,Go, Java, YML
Automation by scripting - Bash & Python
Tools: Burpsuite, Acunetix, AppScan, Netspaker,WebInspect, Nessus, Sqlmap, Nmap, Nuclie
More-Tools:- Postman, Swagger, adb, MobSF, AndroidStudio,frida/objection, SonarQube, WebInspect, Semgrep, checkmarks, dnSpy, ProcessHacker, Filders, EchoMirag
Experience
eSec Forte Technologies
Sr. Information Security Consultant
April 2024 - Present
- • Perform Vulnerability Assessments.
- • Perform penetration tests on Web applications.
- • Perform penetration test on API.
- • Source Code Review
- • Mobile Pentesting ( Android and iOS)
- • Thick Client Pentesting
- • Conduct in-depth security research, document findings, and collaborate with the team to address vulnerabilities and discuss with client for remediation.
Global Technology & Information Security
Information Security Analyst
April 2022 - April 2024
- • Perform Vulnerability Assessments.
- • Perform penetration tests on Web applications.
- • Perform penetration test on API.
- • Network penetration test.
- • Source Code Review
- • Mobile Pentesting
- • Thick Client Pentesting
- • Research, document and discuss security findings with management and IT teams
Cyber Secured India · Internship
Cyber security and digital forensics
Jan 2022 - March 2022
- • Perform web application pen-testing.
- • Perform mobile application pen-testing.
- • IoT and Hardware Pentesting.
- • Introduction to automobile penetration testing
- • Introduction to RF Pentesting.
- • Documentations and writing reports.
Bug Hunting
Independent Security Researcher
July 2022 - Present
- • Recivied Multiple Hall of Fame
- • Recieved Multiple Acknowledgement
- • Recieved Multiple Apprication Letters
- • Recieved 350 plus Acknowledgements from NCIIPC
- • Looking forward make more contributions...contributing to Secure the Security
SISTMR, Australia
Cyber Security Internship Program
Feb 2022 - March 2022
- • Perform various CTF and challenges.
- • Virtualizations on Virtualbox and Workstations.
- • Web PT on various vulnerable applications.
- • Projects on Metasploitable2 & OWASP Broken Web Applications
- • Networking concepts like OSI, TCP/IP
- • Networking devices, IP/MAC, Digital ommunications, etc.
Hobbies
Capture the Flag - HTB and THM
Security Writups Writting and Reading
Security Research
Open Source contributions
Programming and automation
Open Source Projects
Certifications
Master of Certifed Ethical Hacker
EC-Council
Credential ID:ECC2039745816
July 22, 2022
Certifed Ethical Hacker V11
EC-Council
Credential ID:ECC7538946210
April 19, 2022
Multi-Cloud Red Teaming Analyst
CYBERWARFARE LABS
Credential ID:668463e25579bdc57c6913c2
July 07, 2024
Certified Appsec Practitioner (CAP)
The SecOps Group
Credential ID:6899817
JANUARY 2023
Official (ISC)2 Certified in Cybersecurity
ISC)2
Credential ID:00000
JANUARY 2023
Practical Ethical Hacking
TCM Security
Credential ID:cert_8q98pmdv
JANUARY 01, 2024
Introduction to Cybersecurity Learning Path
TryHackMe
Credential ID:THM-MC58TPH3AX
DECEMBER 2021
Introduction to Cybersecurity Tools & Cyber Attacks
IBM
Credential ID:NUBEETVTMLR3
DECEMBER 2021
Intro to Bug Bounty Hunting and Web Application Hacking
Udemy
Certification ID : UC-3e631283-6ac3-4f74-a7dc-e8a3fa01492c
DECEMBER 2021
Introduction to Cyber Security
Simplilearn
Certification ID : 2972431c
OCTOBER 2021
BUG BOUNTY HUNTING WITH BURP SUITE
Udemy
Certification ID : UC-f05cddeb-cd09-444f-b71d-a19c1849c6c2
Novembrt 2022
Education
Master of Computer Application
mangalayatan university UP
2022 - 2024
Bachelor's of Computer Application
BRABU University Muzaffarpur, Bihar
2018 - 2021
Senior Secondary
Raghunath Jha Mahavidyalaya Sitamarhi, Bihar
2015 - 2017
