01001000 01100101 01101100 01101100 01101111 00100000 01010111 01101111 01110010 01101100 01100100
root@security:~$ whoami

PRIVACY IS A MYTH

Penetration Testing • Vulnerability Assessment • CTF Player

About Me

Dedicated to protecting digital assets through ethical hacking and cybersecurity expertise

$ cat about.txt

> Passionate cybersecurity professional with extensive experience in ethical hacking, penetration testing, and vulnerability assessment.

> Committed to helping organizations strengthen their security posture through responsible disclosure and comprehensive security testing.

> Continuous learner staying updated with the latest security threats, tools, and defensive techniques.

> Believer in using technology for good and making the digital world safer for everyone.

Core Competencies

Ethical Hacking

Authorized penetration testing to identify and fix security vulnerabilities

Vulnerability Assessment

Systematic identification and prioritization of security weaknesses

Certificates & Skills

My hobbies, campus leadership, and technical expertise

$ ls -la hobbies

Capture The Flag (CTF) Competitions
Security Research & Blogging
Open Source Security Tools Development
Writing Poems

$ cat leadership.txt

Outreach Member - TedxCusat

Engaged in community outreach, partnerships, and promotions to expand TEDx event visibility and participation.

2025

HR Manager - Seds Cusat

Oversee recruitment, member engagement, and coordination for club activities.

2024-

Tinkerhub Member

Engaged in coding challenges, hackathons, and peer-learning sessions to develop technical and problem-solving skills.

2023-2027

$ cat bug_bounty_achievements.json

Government of India (Vulnerability Disclosure Acknowledgment)

Recognized for critical vulnerability • 2025

Responsible Disclosure – Booking.com, Sony & Toyota

Reported multiple security vulnerabilities contributing to strengthening their security posture • 2025

Critical Vulnerability Discovery – Book Selling Platform

Identified and responsibly disclosed a SQL Injection vulnerability, preventing potential data exposure and unauthorized database access • 2025

OTP Leakage Discovery – CUSAT

Uncovered a sensitive OTP leakage flaw affecting authentication flows in a CUSAT application and received an official thank-you acknowledgment from the team • 2025

0 Click Account Takeover

Discovered a critical authentication bypass vulnerability enabling zero-click account takeover in Hackwithindia VPD, allowing unauthorized access to user accounts without any user interaction • 2026

$ ./show_skills.sh

Penetration Testing

Web Application Testing, Network Penetration, OSINT, Social Engineering

Security Tools

Metasploit, Burp Suite, Nmap, Wireshark, OWASP ZAP, Nessus

Programming Languages

Python, JavaScript, PowerShell, C/C++, SQL

Operating Systems

Kali Linux, Windows

Experience

Professional journey, education, and certifications

$ cat professional_experience.log

Oct 2025 - Present

Developer & Security Tester

Interview Easy

  • Built and shipped a user profile section to improve onboarding and account management.
  • Performed security testing across key flows to validate access controls and data handling.
  • Identified and fixed P2 and P3 severity bugs to improve stability and user trust.

June 2025

Security Analyst Intern

Dalisec

  • Designed and developed custom CTF challenges for skill-building and internal assessments.
  • Created hands-on cybersecurity labs focused on real-world exploitation techniques.
  • Demonstrated strong understanding of cybersecurity concepts and offensive security practices.
  • Proactive learner capable of independently executing assigned tasks with minimal supervision.
  • Contributed to improving internal training frameworks and overall engagement with the security community.

Dec 2024 - March 2025

Penetration Tester Intern

Hackersdaddy

  • Conducted penetration tests on web applications, networks, and systems to identify vulnerabilities.
  • Worked on OWASP Juice Shop to practice identifying and exploiting application flaws.
  • Developed skills in SQL injection, cross-site scripting (XSS), and malware detection.

June 2024 - July 2024

Chatbot Developer Intern

IBM Skillbuild

  • Designed and developed a chatbot using IBM Watson to assist users with specific tasks such as technical support or FAQs.
  • Integrated the chatbot with APIs to provide dynamic and contextual responses.
  • Conducted extensive testing and optimized the chatbot’s conversational flows to improve user satisfaction.

$ ls -la education/

Cochin University of Science and Technology

2023 - 2027

State Public University

• GPA: 7.43/10.0

SRP College

2021 - 2023

Affiliated to Bihar Intermediate Education Council (BIEC)

• Percentage: 73.4%

Featured Projects

Real-world security engagements and research initiatives

Penetration Testing

PassGuesser — Password Wordlist Generator

Targeted CLI utility that builds prioritized password wordlists from available credentials such as names, dates, places, hobbies, etc.

Technologies Used:

Python 3, itertools, argparse, Custom Scripting

Cybersecurity / CTF Development

CTF-Challenges – Multi-Category Cybersecurity Lab

A multi-category CTF challenge set designed for hands-on cybersecurity learning and internal training. Each challenge teaches a core cybersecurity concept and was developed for internal skill enhancement.

Challenge Categories:

Steganography, Cryptography, Web Exploitation, OSINT, Misc / Logic

Security / Malware Research

Malware Simulation Framework v2 — Python-Based Keylogger + Payload

A fully functional, multi-threaded malware simulation framework designed for red-team labs and cybersecurity research. Includes a keylogger, webcam & screen capture modules, audio recorder, auto-upload exfiltration system, and GitHub-based remote kill switch.

Note: Built purely for ethical hacking education in isolated environments.

Technologies Used:

Python, pynput, OpenCV, sounddevice, pydub, Threading, Auto-py-to-exe

Get In Touch

Ready to secure your digital assets? Let's secure it together.

$ contact --info

email: sumittraj2027@gmail.com
pgp: Available upon request
response: Within 24 hours

Services Available

  • Penetration Testing
  • Vulnerability Assessments
  • Security Audits
  • Incident Response

I'm always interested in hearing about new opportunities, interesting projects, or just connecting with fellow developers. Feel free to reach out!
