Shashi Kant Prasad

I'm a

About

I'm an OSCP certified cyber security professional with expertise in penetration testing across various domains including Cloud, Web Apps, API, Active Directory, and DevOps.

Penetration Tester & Developer

I began my career at Infosys as a Full Stack Developer. I worked on Verizon's Private IP (L3VPN) and Ethernet Private Line (E-Line) services as a Microservices Developer following Agile methodology.

I transitioned into the role of Application Security Engineer, responsible for conducting code reviews to identify vulnerabilities and securing Restful APIs for the entire iEN project at Verizon.

Over the years, I have developed the skills necessary for a role in Penetration Testing and have expertise in the following areas:

  •   AWS Penetration Testing
  •   Web Application Penetration Testing
  •   API Penetration Testing
  •   Active Directory
  •   DevOps

Certifications & Achievements

  •   Offensive Security Certified Proffesional (OSCP)
  •   API Penetration Testing issued by APIsec University
  •   Infosys Certified Ethical Hacker
  •   Rank 10 on Cloudfoxable (AWS Hacking Platform)
  •   Top 1% [0xD] [G0D] on TryHackMe
  •   Top 1% on PortSwigger Academy
  •   CTFs Completed : CloudGoat, AWS Goat, Flaws, Flaws2
  •   Cloud Resume Challenge

Resume

Innovative and deadline-driven Appsec Engineer with 1+ years of experience securing Enterprise Applications and 2+ years of experience developing Microservice-Based RESTful APIs using Java Spring-Boot Stack for a major US telecom company.

Sumary

Shashi Kant Prasad

A cyber security enthusiast proficient in penetration testing across various domains including Cloud, Web, API, Active Directory, and DevOps.

  • Delhi, India
  • cybersecshashi@gmail.com
  • www.cybersecshashi.com

Education

BTech Information Technology

2015 - 2019

Delhi Technological University (DTU)

Computer Programming, Networking, OS, DBMS, Data Structures and Algorithms, OOPS

Self Learning

2019 - Present

TryHackMe, HackTheBox and other platforms

Completed paths : Red Teaming, CompTIA PenTest+, Offensive Security, Web Fundamentals, Junior Penetration Tester.

Completed over 150+ rooms on TryHackme and Pawned more than 100+ machines on HackTheBox and Proving Grounds.

Professional Experience

Application Security Engineer

2022 - Present

Infosys

  • Discovered and addressed vulnerabilities across Verizon's entire iEN (Intelligent Edge Network) project.
  • Implemented SAST and DAST tools in CICD pipeline to secure micro-service based Java applications.
  • Manual Source Code Analysis to identify any OWASP Top 10 vulnerabilities.
  • Fixed vulnerable APIs and their associated code base.

Full Stack Developer

2019 - 2022

Infosys

  • Developed numerous features (micro-services) for Verizon's L3VPN and E-Line services using Java Spring-Boot Tech Stack.
  • Automation and Testing of delivered features.
  • Collaborated with multiple vendors across geographically distributed teams to develop, test, and deploy a Microservice-based Enterprise Application.
  • Recieved Appreciation from clients for my exemplary job in delivering features in an agile manner.


Website's Architectural Diagram