Opinion
Mar 18, 2026
Secure AI: 5 Essential CISO Actions
Introduction to AI Agent Security As AI agents become increasingly autonomous, they pose a significant threat to the security of our systems and data. …
Available for opportunities
Security Researcher & Penetration Tester
Rishabh Yadav
// _
Breaking systems to make them stronger. I find vulnerabilities before the bad actors do — turning weaknesses into hardened defences through ethical hacking and rigorous testing.
⌄
"I don't just test systems —
I think like the attacker."
Cybersecurity professional with a relentless curiosity for breaking things and a disciplined methodology for fixing them. From corporate internships at Fortune 500 companies to late-night CTF sessions, every experience sharpens the blade.
$ whoami
role: VAPT Analyst & SOC Specialist
location: India 🇮🇳
status: ● Open to Work
focus: Offensive Security & Defensive Security
motto: "Break it. Report it. Fix it."
Skills & Expertise
Technical Arsenal
Offensive Security
Defensive & Monitoring
Security Tools
Programming & Scripting
Standards & Methodology
Platforms
Professional Experience
Where I've Worked
2024
JPMorgan Chase & Co.
Cybersecurity Analyst Intern
- Identified vulnerabilities in financial web applications
- Wrote remediation reports with CVSS scoring
- Developed Python patches for identified issues
- Gained exposure to enterprise-scale SDLC security
2024
Deloitte
Cyber & Technology Analyst Intern
- Investigated security incidents using SIEM tooling
- Performed digital forensics on compromised endpoints
- Analysed telemetry data and built IR documentation
- Learned enterprise incident response playbooks
2024
Mastercard
Security Awareness Analyst Intern
- Designed targeted phishing simulation campaigns
- Analysed campaign results and reported to stakeholders
- Created improved security awareness training materials
- Reduced simulated click rate by identifying high-risk teams
2023
Infosys
Cybersecurity Fundamentals Intern
- Worked on backend development and scripting.
- Developed scripts for workflow automation
- Worked in Agile development environments
- Improved secure coding practices
Featured Work
Projects
Featured
Security Tool
Poor Man's Pentest
A lightweight, modular penetration testing toolkit built in Python. Automates reconnaissance, vulnerability scanning, and report generation — all from a single command. Designed for pentesters who need quick results without heavy frameworks.
Capture The Flag
Recent Write-ups
Medium
TryHackMe
TryHackMe: Mr. Robot — Full Walkthrough
Complete walkthrough of the TryHackMe Mr. Robot machine — all 3 flags captured through web …
Read Write-up →
Easy
TryHackMe
TryHackMe: Blue — EternalBlue (MS17-010) Walkthrough
Exploiting the infamous EternalBlue vulnerability on the TryHackMe Blue machine using Metasploit.
Read Write-up →
Easy
HackTheBox
HackTheBox: Starting Point — Meow, Fawn, and Dancing
Walkthrough of the first three HackTheBox Starting Point machines covering Telnet, FTP, and SMB …
Read Write-up →Credentials
Certifications
Certified Ethical Hacker (CEH)
EC-Council
2024
ActiveCC – Certified in Cybersecurity
ISC2
2024
ActiveAndroid Bug Bounty Hunting:
Hunt Like a Rat
Hunt Like a Rat
EC-Council
2025
ActiveOSCP
OffSec
2026
In Progress# Completed
[✓] Certified Ethical Hacker (CEH)
[✓] CC – Certified in Cybersecurity
[✓] Android Bug Bounty Hunting: Hunt Like a Rat
# In Progress
[ ] OSCP
Latest Articles
From the Blog
Research
Mar 18, 2026
Unlock Siemens SICAM SIAPP SDK Potential
Introduction to Siemens SICAM SIAPP SDK Vulnerabilities As a VAPT Analyst & Penetration Tester, I have been following the recent alerts from CISA …
Tutorials
Mar 17, 2026
LiveChat Phishing Scam: Beware of Credit Card Thieves
Introduction to Social Engineering via LiveChat As a VAPT analyst and penetration tester, I have witnessed numerous social engineering campaigns that …
Ready to talk security?
Let's connect — whether it's about a role, a project, or breaking into systems (ethically, of course).