Research
Mar 22, 2026
Android Advanced Flow: Secure APK Sideload
Introduction to Advanced Flow In my pentesting engagements, I’ve encountered numerous Android devices with insecurely configured sideloading …
Available for opportunities
Security Researcher & Penetration Tester
Rishabh Yadav
// _
Breaking systems to make them stronger. I find vulnerabilities before the bad actors do — turning weaknesses into hardened defences through ethical hacking and rigorous testing.
⌄
"I don't just test systems —
I think like the attacker."
Cybersecurity professional with a relentless curiosity for breaking things and a disciplined methodology for fixing them. From corporate internships at Fortune 500 companies to late-night CTF sessions, every experience sharpens the blade.
$ whoami
role: VAPT Analyst & SOC Specialist
location: India 🇮🇳
status: ● Open to Work
focus: Offensive Security & Defensive Security
motto: "Break it. Report it. Fix it."
Skills & Expertise
Technical Arsenal
Offensive Security
Defensive & Monitoring
Security Tools
Programming & Scripting
Standards & Methodology
Platforms
Professional Experience
Where I've Worked
2024
JPMorgan Chase & Co.
Cybersecurity Analyst Intern
- Identified vulnerabilities in financial web applications
- Wrote remediation reports with CVSS scoring
- Developed Python patches for identified issues
- Gained exposure to enterprise-scale SDLC security
2024
Deloitte
Cyber & Technology Analyst Intern
- Investigated security incidents using SIEM tooling
- Performed digital forensics on compromised endpoints
- Analysed telemetry data and built IR documentation
- Learned enterprise incident response playbooks
2024
Mastercard
Security Awareness Analyst Intern
- Designed targeted phishing simulation campaigns
- Analysed campaign results and reported to stakeholders
- Created improved security awareness training materials
- Reduced simulated click rate by identifying high-risk teams
2023
Infosys
Cybersecurity Fundamentals Intern
- Worked on backend development and scripting.
- Developed scripts for workflow automation
- Worked in Agile development environments
- Improved secure coding practices
Featured Work
Projects
Featured
Security Tool
Poor Man's Pentest
A lightweight, modular penetration testing toolkit built in Python. Automates reconnaissance, vulnerability scanning, and report generation — all from a single command. Designed for pentesters who need quick results without heavy frameworks.
Capture The Flag
Recent Write-ups
Medium
TryHackMe
TryHackMe: Mr. Robot — Full Walkthrough
Complete walkthrough of the TryHackMe Mr. Robot machine — all 3 flags captured through web …
Read Write-up →
Easy
TryHackMe
TryHackMe: Blue — EternalBlue (MS17-010) Walkthrough
Exploiting the infamous EternalBlue vulnerability on the TryHackMe Blue machine using Metasploit.
Read Write-up →
Easy
HackTheBox
HackTheBox: Starting Point — Meow, Fawn, and Dancing
Walkthrough of the first three HackTheBox Starting Point machines covering Telnet, FTP, and SMB …
Read Write-up →Credentials
Certifications
Certified Ethical Hacker (CEH)
EC-Council
2024
ActiveCC – Certified in Cybersecurity
ISC2
2024
ActiveAndroid Bug Bounty Hunting:
Hunt Like a Rat
Hunt Like a Rat
EC-Council
2025
ActiveOSCP
OffSec
2026
In Progress# Completed
[✓] Certified Ethical Hacker (CEH)
[✓] CC – Certified in Cybersecurity
[✓] Android Bug Bounty Hunting: Hunt Like a Rat
# In Progress
[ ] OSCP
Latest Articles
From the Blog
Research
Mar 22, 2026
Cisco Firewalls Under Attack
Introduction to Interlock Ransomware As a VAPT analyst and penetration tester, I’ve been following the recent surge in ransomware attacks …
Research
Mar 22, 2026
Disrupting IoT Botnets: Mitigating DDoS Threats
Introduction to IoT Botnets In my pentesting engagements, I’ve encountered numerous instances of IoT devices being compromised and used as …
Ready to talk security?
Let's connect — whether it's about a role, a project, or breaking into systems (ethically, of course).