Gaurav Singh
VAPT | Cyber Security Engineer | Penetration Testing
Cybersecurity Engineer specializing in Vulnerability Assessment and Penetration Testing (VAPT), with hands-on experience in exploiting OWASP Top 10, Web, API, Android misconfigurations, and business logic flaws across enterprise applications.
Technical Expertise
Web/App Security (Burp Suite Pro, OWASP ZAP, Nmap)
Exploitation (SQLMap, Metasploit, Nikto, John the Ripper)
Reconnaissance (FFUF, Subfinder, Gobuster, Amass)
Scripting (Python, JavaScript, Bash)
Security Standards (OWASP Top 10, MITRE ATT&CK, CVE)
Attack Vectors (SQLi, XSS, SSRF, RCE, IDOR, Auth Bypass)
Latest Blog Posts
Advanced SQL Injection Techniques in Modern Web Applications
SQL injection remains one of the most critical vulnerabilities in web applications, despite being well-known for decades. In this post, I’ll explore advanced SQL injection techniques that work against modern...
Read More →
Building an Automated VAPT Framework with Python
In this post, I’ll walk you through building a comprehensive automated Vulnerability Assessment and Penetration Testing (VAPT) framework using Python. This framework can be used to automate routine security testing...
Read More →
Featured Projects
BNHS Incident Response: Broken Auth to RCE Chain
Led end-to-end incident response involving broken authentication leading to RCE exploitation chain, backdoor analysis, and server hardening.
View Project →
Custom Burp Suite Extension for Shell Access Detection
Developed custom Burp Suite extension for automated detection of shell access patterns and exploit chain automation during black-box assessments.
View Project →
Malware Analysis Toolkit
A collection of tools for static and dynamic malware analysis, including string extraction, behavioral analysis, and report generation.
View Project →
Custom Network Scanner
A multi-threaded network scanner with service detection, OS fingerprinting, and vulnerability mapping capabilities.
View Project →