RAJVEERSINH PARMAR

Penetration Tester | Security Consultant | Security Engineer

Security Consultant with over three years of experience in penetration testing, vulnerability research, and bug hunting. Passionate about offensive security with a unique edge in understanding application architectures.

About Me

I am a Security Consultant with over three years of experience in penetration testing, vulnerability research, and bug hunting. Passionate about offensive security, I continuously enhance my skills to stay ahead of emerging threats.

My background in web and Android development gives me a unique edge in understanding application architectures, identifying security flaws, and providing effective remediation strategies.

Anand, Gujarat, India
hi@r4jve3r.space

Certifications

CREST Practitioner Security Analyst (CPSA)

Advanced penetration testing certification demonstrating expertise in security assessment methodologies


Burp Suite Certified Practitioner (BSCP)

Comprehensive certification in web application security testing using Burp Suite


Professional Experience

Application Security Consultant

Cognisys Group | Remote, Leeds, UK | JAN 2023 – Present
  • Collaborating with clients to define the scope of security assessments, understanding business logic, and identifying critical assets
  • Conducting in-depth security testing on web, mobile, and API applications, identifying vulnerabilities, and assessing risk levels
  • Delivering precise, well-structured reports that detail findings, risk impact, and actionable remediation strategies
  • Participating in wash-up calls to walk clients through findings, clarify security risks, and provide strategic guidance for mitigation
  • Reviewing pentesting reports to ensure executive summary and technical findings were concise and well-written
  • Wrote multiple technical blogs on Access Controls and Mobile Pentesting, and developed multiple Web and Android CTF challenges for internal training

Security Consultant

RedHunt Labs | Remote, London, UK | APR 2022 – JAN 2023
  • Performed Penetration Testing on various Web, API, and Android applications
  • Performed Recon/OSINT to increase the attack surface of the given targets
  • Developed a vulnerable web app with 15+ vulnerabilities for internal training and hiring purposes

Freelance Pentester

Freelance | Remote | OCT 2021 – MAR 2022
  • Performed several VA/PT assessment projects for E-Commerce, Data Management & IT Infrastructure companies
  • Delivered clear and concise reports with detailed findings and accurate remediations

Security Analyst Intern

BugsBounty.com | Remote | JUN 2021 – OCT 2021
  • Performed Web App Pentesting of banking, financial, and PaaS applications
  • Performed static Android Pentesting of financial applications

Independent Security Researcher | Bug Hunter

Freelance | Remote | DEC 2019 – Present
  • Hunting bugs in my free time for the past few years on various bug hunting platforms and private VDPs
  • Identified impactful issues such as SQLi, SSRF, Account Takeover, Privilege Escalation, Web Cache Poisoning, Race Condition, XSS, Broken Access Control, Business Logic, and Broken Authentication on various well-known companies

Projects & Blogs

FridaMe

Java, Android

An intentionally vulnerable Android application designed to demonstrate the practical usage of Frida for dynamic instrumentation and security testing. Implemented custom root detection and admin-level access check bypass mechanisms.

OSINT Tool

Python, Flask

A combined OSINT tool with 4 modules: username lookup, email lookup, phone lookup, and website lookup. It uses open-source tools like Holehe and Sherlock and can be run in both GUI and CLI modes.

Mass Admin Grabber

Python

Finds the admin panels of multiple websites at once. It accepts a list of websites and checks for exposed admin panels, using multithreading to provide faster results.

Home Automation System - IoT

Android, C++, Arduino

Created a home automation system using Arduino Uno. Every home electrical appliance can be remotely controlled via an Android application with seamless integration.

Achievements

Infosecurity Europe 2024

Represented Cognisys Group at Infosecurity Europe 2024, ExCeL London. Provided technical consultancy and engaged with visitors, showcasing expertise in application security.

CVE-2024-4554 Discovery

Discovered an unauthenticated XSS in OpenText NetIQ Access Manager and bypassed existing XSS prevention measures twice by manually crafting advanced payloads.

Bug Bounty Recognition

Identified impactful vulnerabilities, earning recognition from Google, Dell, Lenovo, Zomato, Sophos, MasterCard, Bugcrowd, Chess.com, ACT Fibernet, and many more.

Speaking Engagements

Delivered SSRF session at OWASP Patna, Bug Hunting webinar at Cyber Security India and Hacker4Help, and Ethical Hacking talk at HackSudo.

H1 Ambassador Club

Member of H1 Ambassador Club - New Delhi, contributing to the cybersecurity community and mentoring aspiring security professionals.

Skills

Primary Skills

Web Application Pentesting
API Pentesting
Mobile Pentesting
Internal Network Pentesting
Cloud Security
Reconnaissance and OSINT
Reverse Engineering
Code Analysis

Tools & Technologies

BurpSuite, Browser Developer Tools, Nmap, JADX, JEB, SQLMap, Wireshark, Netcat, Metasploit, Hashcat, Frida, OWASP ZAP

Programming Languages

Python
PHP
NodeJS
Java
C/C++
HTML/CSS
JavaScript

Education

Bachelor of Technology in Computer Science & Engineering

CHARUSAT University, Gujarat, India

2019-2022

Graduated with 8.44 CGPA

Diploma in Computer Engineering

VPMP Polytechnic, Gujarat, India

2016-2019

Graduated with 8.15 CGPA

Get In Touch

Let's Connect

I'm always open to discussing new opportunities, collaborations, or just having a chat about cybersecurity.
