Candidates About
Shivam Kumar
Cyber Security
Passionate cybersecurity enthusiast and Certified Ethical Hacker with a strong background in
vulnerability assessment, penetration testing, Android application testing, and Active Directory. Proficient in identifying security vulnerabilities and developing effective strategies to enhance digital
security.
shivamsingh05675@gmail.com +91 9289097034
New Delhi, India tryhackme.com/p/king05675
linkedin.com/in/shivam-singh-3906b0203
SKILLS
Vulnerability Assessment and Penetration Testing Android App Penetration Testing Wireless Penetration Testing
API Penetration Testing Ethical Hacking Network Vulnerability Scanning Shell Scripting python programming
Active Directory Penetration Testing AWS Penetration Testing
INTERNSHIP EXPERIENCE
Vulnerability Assessment and Penetration Testing
Youth4work Pvt. Limited (India)
05/2023 – 08/2023,
Vulnerability Assessment and Penetration Testing on application
Collaborated on remediation planning and implementation
Cyber Security
Guru-gram Cyber Police
06/2021 – 07/2021,
Raised cyber awareness through awareness programs
Vulnerability Assessment and Penetration Testing
Tech-twins Technologies Pvt. Limited
12/2020 – 03/2021,
Conducted penetration testing and vulnerability assessments
Collaborated on remediation planning and implementation
Cyber Security
Cryptus Cyber Security Pvt. Limited
07/2018 – 09/2018,
Conducted penetration testing and identified security vulnerabilities
Prepared detailed reports and documented findings.
Page 2 of 4
EDUCATION
MCA – (Cyber Security)
Poornima University, Jaipur
08/2022 – Present, Jaipur, India ,7.5
https://www.ijraset.com/best-journal/an-efficient- approach-for-mitigating-insecure-direct-object-referenceidor-bug-bounty-method
BCA – (Cloud Computing)
Poornima University, Jaipur
06/2019 – 06/2022, Jaipur, India, 7.0
Vulnerability Penetration Testing AWS Security : S3Bucket, EC2,Lambda function
PERSONAL PROJECTS
XSS Vulnerability Scanner – Python (10/2021 – 11/2021)
Created an automated tool for pinpointing cross-site scripting vulnerabilities in web apps, bolstering security
Reverse Shell – Python (03/2022 – 04/2022)
Developed a reverse shell script for penetration testing, showcasing security breach impact through remote system access Auto Vulnerability Scanner – Shell Scripting (10/2023 – Present)
Created a versatile vulnerability scanner for network, SQL injections, and identifying XSS, CRLF, LFI issues, enhancing security.
CERTIFICATES
Certified Ethical Hacker v11 (04/2021 – 08/2021)
Credential ID: ECC0532481796 Credential URL: https://aspen.eccouncil.org/Verify
Offensive API Penetration Testing (02/2021 – 02/2021)
Credential ID: E5407954C31C260CC6E21F8AF2CA98C3E35A33BD
Credential URL: https://api.hackersera.com/verify/certificate/
Certified Offensive Bug Bounty Hunter 2.0
(08/2021 – 10/2021)
Credential ID:9F73F90EFA26E606470C64D62C5CB89CDD8AA5D5
Credential URL: https://api.hackersera.com/verify/certificate/
API Security Architect (04/2022 – 04/2022)
Certificate URL: https://drive.google.com/file/d/1ZMOfwdfnnuZRl- pvDEueTAOV4vKnYsJ7/view?usp=sharing
(ISC)2 Cyber Security (01/2023 – 02/2023) Practical Ethical Hacking (03/2023 – 03/2023)
Certificate URL:https://drive.google.com/file/d/1ZMOfwdfnnuZRl- pvDEueTAOV4vKnYsJ7/view?usp=sharing
Mobile Application Penetration Testing
(04/2023 – 06/2023)
Certificate URL: https://drive.google.com/file/d/1pNkMl81pFAiWfl0uKaG2wEw7_VRI7
tXW/view?usp=sharing
Practical Junior Penetration Tester™ (PJPT)
Certification (09/2023 – Present)
I am currently in the process of preparing for the Practical Junior Penetration Tester™ (PJPT) certification, which is a beginner-level
penetration testing exam.
TECHNICAL SKILLS
Tools &
Technologies
Nessus, Netsparker, Acunetix, Kali Linux, Burp Suite, Nmap, Owasp Zap Proxy, Metasploit Framework,Wireshark, Aircrack-ng, Autopsy, FTKImager, Browser Examine, Access Data Toolkit, Dalfox
Standard &
Frameworks
OWASP TOP 10
Page 3 of 4
TECHNICAL SKILLS
Programming
Languages
Python, Shell Scripting,HTML
HONOR AWARDS
Microsoft – Hall of Fame
Found a bug in Outlook
https://msrc.microsoft.com/update- guide/acknowledgement/archive
Google – Hall of Fame
Found a bug in Google Subdomains 7th times https://bughunters.google.com/profile/24322260-070f-4f19-abc3- 95a2620bdd09
Razorpay – Hall of Fame
Found a bug in razorpay.com
https://razorpay.com/hall-of-fame/
Dell – Hall of Fame
Found a Bug in Dell Subdomain https://bugcrowd.com/dell/hall-of-fame
Ingenico – Hall of Fame
Found a bug in Ingenico.com
https://hackerone.com/ingenico_group/thanks?type=team
rea-group – Hall of Fame
Found a bug in rea-group.com
https://www.rea-group.com/about-us/news-andinsights/blog/responsible-vulnerability-disclosure-program-hall-of- fame/
Indeed – Hall of Fame
Found a Bug in Indeed.com
https://bugcrowd.com/indeed/hall-of-fame
Comcast – Hall of Fame
Found a Bug in Comcast Xfinity Subdomain https://bugcrowd.com/comcastvdp/hall-of-fame
Stack Path – Hall of Fame
Found a Bug in Stackpath.com
https://bugcrowd.com/comcastvdp/hall-of-fame
MAF Finance – Hall of Fame
Found a Bug in maffinancegroup.co.uk
Private Program Invite Redox – Hall of Fame
Found a Bug in Redox subdomain https://bugcrowd.com/redox/hall-of-fame
SAP concurs – Hall of Fame
Found a Bug in SAP Subdomain Private Program Invite
iRobot – Hall of Fame
Found a Bug in Irobot subdomain https://bugcrowd.com/irobot/hall-of-fame
Naspers – Hall of Fame
Found a Bug in Naspers Subdomain Private Program Invite Vox Cinemas – Hall of Fame
Found a Bug in Vox Cinemas Subdomain Private Program Invite
Citizen Bank – Hall of Fame
Found a Bug in Citizen Bank Subdomain https://citizensbank.responsibledisclosure.com/hc/en- us/articles/360047987213
Coca Cola – Hall of Fame
Found a Bug in Coca Cola Subdomain https://bugcrowd.com/coca-cola/hall-of-fame
Erasmus University Rotterdam – Hall of Fame
Found a Bug in Erasmus University Rotterdam
https://www.eur.nl/en/campus/locations/campus- woudestein/security-safety/information-security/hall-fame GeeksforGeeks – appreciation letters
Found a Bug in GeeksforGeeks https://media.geeksforgeeks.org/certificates/1639475057/566f57d
84a464c4e86649f58f0bc36b8.pdf
Dutch Government’s – appreciation letters
Found a Bug in Dutch Goverment web application
I discovered a bug in a Dutch government web application and
received appreciation letters and swag. PagerDuty – Swags
Found a Bug in PagerDuty Subdomain
I discovered a bug in a PagerDuty web application and received
appreciation letters and swag.
GTS Global – appreciation letters
Found a Bug in GTS Global Subdomain’s
I discovered a bug in a GTS Global web application and received
appreciation letters and swag.
Indian Government – Hall of Fame
I discovered a security vulnerability in an Indian government website. https://www.nciipc.gov.in/documents/NCIIPC_Newsletter_Apr19.p
df
Feehi CMS 2.1.1 – CVE-2022-34140
Discovered a vulnerability in Feehi CMS version 2.1.1 – CVE-2022-34140
and successfully obtained a CVE assignment under my name. Link – https://www.exploit-db.com/exploits/51002
winni.in – Hall of Fame
I discovered a security vulnerability in an winni.in website. https://www.winni.in/bug-bounty
Hacktoberfest Winner -2023 repositories
Achieve success by creating 10 merged pull requests in GitHub
https://www.holopin.io/@king05675
Professional Skills
- android penetration testing
- api security
- cyber security
- VAPT