cat EXPERIENCE.md

Information Security Engineer

Codec Networks | May 2026 – Present

• Web Application Security: Performed manual web application penetration tests, with a track record of uncovering authentication bypass and privilege-escalation flaws that granted access to restricted functionality and other users’ data. Also assessed broken access control, business logic and workflow flaws, injection, and security misconfigurations.
• API Security: Assessed REST APIs for broken object- and function-level authorization, excessive data exposure, and improper input validation.
• Android Application Security: Conducted static and dynamic analysis of Android apps, covering exported components and intents, insecure data storage and shared preferences, permission models, broadcast receivers, and exposed services. Authored custom Frida scripts to bypass client-side controls and instrument runtime behavior.
• Network Security: Performed network penetration testing on internal and external infrastructures, identifying vulnerabilities in active services, outdated software, and misconfigured network protocols.

VAPT Intern

Codec Networks | Nov 2025 – May 2026

• Conduct penetration tests on client applications, systems, and networks and identify security vulnerabilities.
• Craft detailed technical reports outlining discovered vulnerabilities, potential impacts, and remediation steps.
• Collaborate closely with senior team members to develop and refine testing methodologies for web applications and APIs.

Cyber Security Intern

Gurugram Police | Mentored by Mr. Rakshit Tandon

• Contributed to the development of OSINT (Open-Source Intelligence) tools to aid cybercrime investigations.
• Gained hands-on experience in digital forensics, threat intelligence, and penetration testing.
• Worked on real-world cybersecurity challenges under the guidance of industry experts.
• Received a certification from Gurugram Police for successfully completing the internship.