Hi there, I’m Gaurav Singh! 👋

[![LinkedIn](https://img.shields.io/badge/LinkedIn-0077B5?style=for-the-badge&logo=linkedin&logoColor=white)](https://www.linkedin.com/in/gaurav-singh-cybersecurity/) [![Portfolio](https://img.shields.io/badge/Portfolio-255E63?style=for-the-badge&logo=About.me&logoColor=white)](https://GauravSingh-CyberSecurity.github.io/) [![HackerRank](https://img.shields.io/badge/-Hackerrank-2EC866?style=for-the-badge&logo=HackerRank&logoColor=white)](https://www.hackerrank.com/profile/Gaurav_cse_cyber) [![LeetCode](https://img.shields.io/badge/LeetCode-000000?style=for-the-badge&logo=LeetCode&logoColor=#d16c06)](https://leetcode.com/u/GauravSingh-CyberSecurity/)

🔒 About Me

I’m a Cybersecurity Engineer specializing in Vulnerability Assessment and Penetration Testing (VAPT) with hands-on experience in exploiting OWASP Top 10, Web, API, Android misconfigurations, and business logic flaws across enterprise applications.

  • 🏢 Currently working as an Information Security Engineer at Harrier Information Systems PVT LTD
  • 🎓 Bachelor of Engineering in Computer Science (Cyber Security) from RCOEM (CGPA: 7.6/10.0)
  • 📍 Based in Nagpur, Maharashtra, India
  • 🔍 Proficient in discovering vulnerabilities related to authentication, authorization, injection flaws, business logic bypasses, server misconfigurations, and API-specific issues
  • 🐍 Experienced in automating test cases and exploit development using Python, Bash, and JavaScript
  • 🎯 30-day notice period - Open to new opportunities

🛠️ Technical Arsenal

🔐 Security Tools & Frameworks

![Burp Suite](https://img.shields.io/badge/Burp_Suite-FF6633?style=for-the-badge&logo=burpsuite&logoColor=white) ![OWASP](https://img.shields.io/badge/OWASP-000000?style=for-the-badge&logo=owasp&logoColor=white) ![Metasploit](https://img.shields.io/badge/Metasploit-2596CD?style=for-the-badge&logo=metasploit&logoColor=white) ![Nmap](https://img.shields.io/badge/Nmap-4682B4?style=for-the-badge&logo=nmap&logoColor=white) ![Wireshark](https://img.shields.io/badge/Wireshark-1679A7?style=for-the-badge&logo=wireshark&logoColor=white)

💻 Programming & Scripting

![Python](https://img.shields.io/badge/Python-3776AB?style=for-the-badge&logo=python&logoColor=white) ![JavaScript](https://img.shields.io/badge/JavaScript-F7DF1E?style=for-the-badge&logo=javascript&logoColor=black) ![Bash](https://img.shields.io/badge/Bash-4EAA25?style=for-the-badge&logo=gnu-bash&logoColor=white) ![Java](https://img.shields.io/badge/Java-ED8B00?style=for-the-badge&logo=java&logoColor=white) ![C](https://img.shields.io/badge/C-00599C?style=for-the-badge&logo=c&logoColor=white)

🌐 Web Technologies

![HTML5](https://img.shields.io/badge/HTML5-E34F26?style=for-the-badge&logo=html5&logoColor=white) ![CSS3](https://img.shields.io/badge/CSS3-1572B6?style=for-the-badge&logo=css3&logoColor=white) ![React](https://img.shields.io/badge/React-20232A?style=for-the-badge&logo=react&logoColor=61DAFB)

🗄️ Databases & Cloud

![Oracle](https://img.shields.io/badge/Oracle-F80000?style=for-the-badge&logo=oracle&logoColor=white) ![MySQL](https://img.shields.io/badge/MySQL-00000F?style=for-the-badge&logo=mysql&logoColor=white) ![Azure](https://img.shields.io/badge/Microsoft_Azure-0089D0?style=for-the-badge&logo=microsoft-azure&logoColor=white)

🔥 Expertise Areas

### 🛡️ **Web/App Security**

- Burp Suite Pro
- OWASP ZAP
- Postman
- Nmap

### 🚀 **Exploitation**

- SQLMap
- Metasploit
- Nikto
- John the Ripper
- Hashcat

### 🔍 **Reconnaissance**

- FFUF
- Subfinder
- Gobuster
- Amass
- WAFW00F

### 📊 **Standards & Frameworks**

- OWASP Top 10
- MITRE ATT&CK
- CVE Analysis

🎯 Attack Vectors & Techniques

SQLi, XSS, SSRF, RCE, IDOR, File Inclusion, Auth Bypass, XXE, Command Injection, API Misconfig, BOLA, Broken Auth, CSRF, Subdomain Takeover, Clickjacking, Session Fixation, CORS Misconfig, Insecure Deserialization


🔒 BNHS Incident Response: Broken Auth to RCE Chain

Technologies: PHP, Laravel, WordPress, CodeIgniter, Incident Response, Backdoor Analysis

Led end-to-end incident response involving broken authentication leading to an RCE exploitation chain, analyzed obfuscated PHP backdoors, removed SEO spam injections, and reinforced server entry vectors.

🔧 Custom Burp Suite Extension for Shell Access Detection

Technologies: Java, Burp Suite, Python, Security Automation

Developed a sophisticated Burp Suite extension for automated detection of shell access patterns and exploit chain automation during black-box assessments.

⚔️ Offensive Security Tools & PoCs

Technologies: Python, Red Team, Exploit Development, Automation

Comprehensive suite of offensive security tools including buffer overflows, bind shells, SSH brute forcing, keyloggers, and hash cracking utilities.


🏆 Security Learning & Resources

  • BurpSuite-For-Pentester
  • HackTheBox-CTF-Writeups
  • awesome-ctf-resources
  • google-ctf


💼 Professional Experience

🏢 Information Security Engineer | Harrier Information Systems PVT LTD

Jun 2024 – Present | Notice Period: 30 days

  • Performed black-box and gray-box VAPT across enterprise-grade web applications
  • Discovered critical issues: SQLi, RCE, SSRF, IDOR, Broken Authentication & Access Control
  • Led BNHS incident response: analyzed obfuscated PHP backdoors and RCE exploitation chains
  • Delivered detailed technical reports with PoCs and remediation steps

🛡️ Cyber Security Engineer | GBJ Buzz | Virtually Testing Foundation

Jun 2023 – Jun 2024

  • Developed offensive security tools and PoCs in Python
  • Simulated red team attacks: Kerberoasting, AS-REP Roasting, Pass-the-Hash
  • Created custom Burp Suite extensions for shell access pattern detection
  • Used BloodHound and CrackMapExec for internal network recon

🎓 Education & Certifications

🎓 Bachelor of Engineering in Computer Science (Cyber Security)

Shri Ramdeobaba College of Engineering and Management (RCOEM) | 2024

  • CGPA: 7.6 / 10.0
  • Coursework: Network Security, Operating Systems, Cryptography, Ethical Hacking, Web Application Security

🏆 Current Certifications

  • 🥇 Bug Bounty Hunter - Hack The Box Academy (2025)
  • 🥇 Practical Ethical Hacking – The Complete Course - TCM Security (2024)
  • 🥇 Intro to Bug Bounty Hunting and Web Application Hacking - NahamSec (2025)

🌟 What I’m Currently Working On

  • 🔭 Enhancing advanced penetration testing techniques
  • 🌱 Improving Python skills for security automation
  • 🛠️ Developing custom security tools and frameworks
  • 📚 Contributing to open-source security projects
  • 🎯 Participating in bug bounty programs and CTF competitions

💬 Let’s Connect!

### 📫 **Ready to collaborate on cybersecurity projects?**

[![Email](https://img.shields.io/badge/Email-D14836?style=for-the-badge&logo=gmail&logoColor=white)](mailto:gs.cyber.red@gmail.com) [![LinkedIn](https://img.shields.io/badge/LinkedIn-0077B5?style=for-the-badge&logo=linkedin&logoColor=white)](https://www.linkedin.com/in/gaurav-singh-cybersecurity/) [![Portfolio](https://img.shields.io/badge/Portfolio-255E63?style=for-the-badge&logo=About.me&logoColor=white)](https://gauravsingh-cybersecurity.github.io/)

**📱 Phone:** +91 9765809266

**📍 Location:** Nagpur, Maharashtra, India

### 💡 **"Making the digital world a safer place, one vulnerability at a time."**

![Profile Views](https://komarev.com/ghpvc/?username=GauravSingh-CyberSecurity&color=brightgreen&style=for-the-badge)
