๐Ÿ›ก๏ธ

โœฆ WELCOME โœฆ

Chandan Kumar

Red Team Professional โ€ข VAPT Specialist

Press any key or click to skip
EN
โŒจ๏ธ Shortcuts
H Home   A About
S Skills   E Experience
P Projects   C Contact
T Theme   ? Toggle
HomeAboutSkillsProjectsContact

๐Ÿ‘‹ HELLO WORLD

ChandanKumar

Aspiring Red Team Professional โ€ข VAPT Specialist โ€ข Bug Hunter

๐Ÿ“ South Delhi, New Delhi 44
โœ‰๏ธ Chandan20516@gmail.com
๐Ÿ“ฑ +91 9310247308

0TRYHACKME TOP
0TOOLS BUILT
0VULNS REPORTED
Explore My Work LinkedIn GitHub
Chandan Kumar
๐ŸŸข Available for Opportunity
01. About

Who I Am

๐Ÿ›ก๏ธ

I'm an Aspiring Red Team Professional with hands-on experience in Vulnerability Assessment & Penetration Testing (VAPT) and offensive security. I specialize in Web Application Security, Linux Privilege Escalation, Cloud Security, and Active Directory Pentesting, along with knowledge of threat hunting, risk assessment, incident response, and ISO 27001 fundamentals.

Proficient in OWASP Top 10, PTES, MITRE ATT&CK, and OSINT. Skilled with Burp Suite, Metasploit, Nmap, Nessus, SQLmap, Wireshark, Splunk, and Wazuh.

Active in CTFs on TryHackMe (Top 5% globally) and HackTheBox. Contributor to Bug Bounty & Responsible Disclosure Programs.

02. Skills

Technical Expertise

๐ŸŽฏ Offensive Security

Web Application Pentesting 85%
Network Penetration Testing 75%
Linux Privilege Escalation 80%
Cloud Security (AWS) 50%
Active Directory Pentesting 55%

๐Ÿ›ก๏ธ Defensive & Scripting

Python / Bash Scripting 65%
Threat Hunting (Splunk/Wazuh) 55%
OSINT & Reconnaissance 78%
Report Writing 85%

๐Ÿ› ๏ธ Tools & Technologies

Burp SuiteMetasploitNmapNessusSQLmapWiresharkHydraJohn the RipperGobusterSplunkWazuhKali LinuxPythonBashGitHubNiktoOWASP ZAPPostmanHttpxKatanaLinPEAS
03. Experience

Professional Journey

Sep 2025 โ€“ Oct 2025
Cyber Security Intern
Redynox

Conducted web app VAPT using Nmap, Burp Suite, Nikto, Gobuster. Identified OWASP Top 10 vulnerabilities with CVSS risk ratings. Supported SOC operations โ€“ analyzed alerts & reviewed logs. Assisted phishing simulations & security awareness initiatives.

2025 โ€“ Present
Bug Bounty Hunter
Independent Security Researcher

Discovered XSS, IDOR, CSRF, authentication bypass. Manual & automated OWASP-aligned testing. In-depth reconnaissance & attack surface analysis. Responsible disclosure via coordinated programs.

Ongoing
CTF Player & Lab Practitioner
TryHackMe | HackTheBox | Vulnhub

Top 5% on TryHackMe globally. Completed Pre Security, Advent of Cyber paths. Active on HTB Labs & PortSwigger Academy.

2025 โ€“ 2026
CTF Competitions
Participant

OffSecDiary CTF โ€“ 2025, Cryptonic Area CTF โ€“ 2025, Advent of Cyber โ€“ 2025, Elite Code Hackathon โ€“ 2026.

04. Projects

What I've Built

๐Ÿ•ต๏ธ

LeakSpy Pro v4

Browser Extension

Passive recon tool detecting API keys, emails, hidden endpoints & misconfigured headers. Built with JavaScript & DOM parsing.

View on GitHub โ†’
๐Ÿงช

Web App Pentest Lab

VAPT Project

End-to-end pentesting on DVWA & Juice Shop. Exploited 8+ OWASP vulnerabilities with CVSS scoring & professional reports.

๐Ÿง

Linux Privilege Escalation Lab

Security Lab

Exploited SUID binaries, cron jobs, sudo misconfigs. Validated with LinPEAS. Documented remediation strategies.

๐Ÿ› ๏ธ

Custom Python Tools

Tool Development

Port scanner, password strength checker, keylogger, directory enumeration, XSS content checker.

View on GitHub โ†’
05. Certifications

Credentials & Training

Linux Essentials

Craw Security

Aug 2025

Pre Security

TryHackMe

Feb 2026

CEH โ€“ Cisco

Cisco

Mar 2026

Intro Cyber Security

Simplilearn

Sep 2025

Deloitte Cyber Virtual

Forage

Sep 2025

Tata Cyber Virtual

Forage

Mar 2026

06. Achievements

Highlights & Recognition

๐Ÿ† Platform Rankings

  • TryHackMe โ€“ Top 5% globally
  • HackTheBox โ€“ Active Labs
  • PortSwigger Academy โ€“ Web Security

๐ŸŽฏ CTF Competitions

  • OffSecDiary CTF โ€“ 2025
  • Cryptonic Area CTF โ€“ 2025
  • Advent of Cyber โ€“ 2025
  • Elite Code Hackathon โ€“ 2026

๐Ÿ› Bug Bounty

  • XSS, IDOR, CSRF, Auth Bypass reported
  • Responsible disclosure programs
  • Active on HackerOne & Bugcrowd

๐Ÿ”ง Tools Built

  • LeakSpy Pro v4
  • Port Scanner (Python)
  • Password Strength Checker
  • Directory Enumeration Tool
  • XSS Content Checker
07. Education

Academic Background

๐ŸŽ“

BCA

IGNOU, New Delhi

2025 โ€“ 2028

๐Ÿ”

Diploma in Cyber Security

CRAW Security, New Delhi

2025 โ€“ 2026

๐Ÿ“š

XII โ€“ Commerce with Maths

CBSE Board

2024 โ€“ 2025

๐Ÿ“–

X โ€“ All Subjects

CBSE Board

2022 โ€“ 2023

08. GitHub

Contribution Activity

GitHub Contribution Graph
09. Blog

Security Writeups

๐Ÿ“

Relevant Room - Full Walkthrough (TryHackMe)

Medium Article

Step-by-step walkthrough of the Relevant room on TryHackMe. Covers enumeration, exploitation, and privilege escalation techniques.

Read on Medium โ†’
๐Ÿ”

Metasploitable 2 - Full Walkthrough

Medium Article

Complete step-by-step guide to exploiting Metasploitable 2. Covers service enumeration, vulnerability scanning, and exploitation.

Read on Medium โ†’
๐Ÿง

Linux Privilege Escalation Techniques

Coming Soon

Common misconfigurations and how to exploit them for privilege escalation on Linux systems.

๐Ÿ› ๏ธ

Building Security Tools with Python

Coming Soon

Tutorial on creating custom penetration testing tools using Python for automation and reconnaissance.

๐Ÿ“š More articles on my Medium profile

medium.com/@chandan20516 โ†’
10. Testimonials

What People Say

๐Ÿ‘ค

"Chandan's dedication to cybersecurity is inspiring. His VAPT skills and bug bounty findings demonstrate real talent and commitment to the field."

Senior Security Analyst

Industry Professional

๐Ÿ‘ค

"Great team player with strong technical skills. His CTF performance and tool development showcase initiative and problem-solving ability."

Team Lead

Redynox

๐Ÿ‘ค

"Impressive knowledge of OWASP Top 10 and penetration testing methodologies. A promising red teamer with a bright future ahead."

Mentor

Cyber Security Community

11. Pursuing

Advanced Certifications

๐ŸŽฏ

CRTP

Certified Red Team Professional

Active Preparation

Currently studying and preparing for the CRTP certification. Focusing on Active Directory attacks, lateral movement, persistence, and advanced red team operations. This certification validates expertise in real-world attack simulation.

โ˜๏ธ

CARTP

Certified Azure Red Team Professional

Active Preparation

Actively studying for the CARTP certification. Learning Azure cloud security testing, Entra ID (Azure AD) attacks, cloud privilege escalation, and hybrid environment exploitation techniques.

๐Ÿš€

OSCP (Future Goal)

Offensive Security Certified Professional

Planned โ€ข After CRTP & CARTP

Planning to pursue OSCP after completing CRTP and CARTP. Building foundational exploit development skills and practicing in dedicated lab environments.

12. Contact

Let's Connect

I'm actively looking for opportunities in Red Teaming, VAPT, and Security Research! Feel free to reach out for collaboration or opportunities.

Email

Chandan20516@gmail.com

Phone

+91 9310247308

GitHub

github.com/Chandan-44

LinkedIn

chandan-kumar-eh

Medium

@chandan20516

Resume

Download PDF