Hello World ! I'm, Kartik Gupta

Bug Bounty Hunter | Top Hacker on Bugcrowd Globally | CTF Player | U.S Department of Homeland Security (Trainee) | steganalyst | Penetration Tester | Cryptographer | Exploit Developer | Ocassional Cyber Security Trainer & Consultant

About Me

Hey World, I am Kartik Gupta. Here is a little about me :)

I am a self-taught Cyber Security Enthusiast, and a Hacker of course with an Ethical mindset. I m having experience in Web & Mobile application security, API security, Vulnerability Assessment & Penetration Testing (VA-PT). I am experienced with tools like burp suite, acunetix, Nessus, IBM AppScan, Nmap, Pentest tools, Frida, Drozer, and of course with Kali Linux & some GitHub open source tools like Amass, Aquatone… etc. vulnerabilities I have found frequently includes:- Injections, PrivEsc, XSS, IDOR, OWASP Top 10… etc. Secured many companies, Including the FAANG. Apart from this, I have a plethora of knowledge in digital electronics and computer circuits with a solid understanding of hardware-based security integration.

Skills and Proficiency

Ethical Hacking

Vulnerability Assessment & Penetration Testing

Computer Networking & Firewalls

cryptography & steganography

Debugging & Troubleshooting





Python Programming & Bash Scripting

Data Structures and Algorithms

Automation and AI

Digital Forensics

Security Tools - Burp Suite, Nmap, Metasploit, Sqlmap & Others

Experience

Bugcrowd

Security Researcher

I have participated in many Bug Bounty Programs on BugCrowd. Currently, I am ranked under the Top 10K Ethical Hackers of All Time.

Feb 2020 - Present

Google Bug Hunter

Security Testing (CIA)

I have tested multiple API(s) of Google some may Inc. Drive, Youtube, Translator... etc. Although many of them were out of scope, Exploring these parameters certainly pushed my limits.

Oct 2020 - Present

TryHackMe

Freelancer

TryHackMe is a platform dedicated to cyber nerds, It's a community where any individual can learn and practice their pen-testing skills by playing CTFs and deploying machines that are based on real-world problems and vulnerabilities.

Nov 2019 - Present

Gurugram Police (Cyber Crime Cell)

Internship

The Gurugram Police Cyber Security Summer Internship (GPCSSI) is being conducted under the guidance of Mr. Rakshit Tandon.

Consultant- Internet and Mobile Association of India

June 2020 - July 2020

Professional Trainings

Indian Space Research Organisation (ISRO)

India, Dehradun (remote)

A comprehensive 100 days training is offered by ISRO. Key concepts of satellite security include:- Basics of Remote Sensing, Geographic information system and, Global navigation satellite systems.

August 2021 - November 2021

National Counterintelligence and Security Center

United States of America (remote)

Office of the Director of National Intelligence conducts training related to Personnel Security, Social Engineering & Polygraphy techniques for security professionals.

August 2021 - October 2021

Cybersecurity and Infrastructure Security Agency

United States of America (remote)

A dedicated Bootcamp is conducted by CISA (annually) for teaching the concepts of hardware-based security integration and Incidence responding. It's a fairly complex training that covers the concepts of Hardware from scratch.

March 2021 - October 2021

Center of Development of Security Excellence

United States of America (remote)

A 25 hours long workshop was conducted by the Center of Development of Security Excellence, Aim of the training was to give an Overview of Continuous Vetting Methodology to security professionals.

July 2021 - July 2021

Hall of Fame

Netflix

I recently found a huge vulnerability in Netflix's Application, It was basically a parameter bypass. Netflix awarded me a Hall-Of-Fame and 4 points for this initiate, Global ranking under 10k on Bugcrowd.

June 2020 - July 2020

Unofficial Publications

Dummy Labs

Android Application

During the pandemic, I developed an android application that was basically a virtual chemistry lab to tackle the need for conducting lab-based practicals during the covid crisis, I used android studios for developing the application and coded it via Kotlin.

April 2020 - January 2021

Controlling the Four Wheels

Research Thesis

I have been working on writing a book for approximately 2 years now. I have caught the concepts from freely available resources on working autonomous vehicles and the principles of IoT in driverless cars. I then combined my knowledge and wrote a research thesis on bypassing this system using RTL-SDR and Alfa Network hardware.

May 2019 - Oct 2020

Recognition in Robotics

International Robotics Competition

held at Beijing, China

I and my team developed a robot that was responsible for automating the process of city development, The basic task of the robot was to pick the bricks and stack them over the other bricks in order to develop buildings & schools for the smart city. I secured 4th position in this event and was awarded a certificate.

June 2017

International Robotics Competition

held at SUTD, Singapore

In the following event, I developed a robot for automating the city, The basic task of the robot was to detect the obstacles on the road like trash, dirt, fallen tree's/branches and pick them up to make the city neat and clean. I secured 3rd position in this event and was awarded a certificate, medal, and trophy.

June 2016

Certifications

Cybersecurity Essentials

Cisco Networking Academy

Python for Data Science

International Business Machines (IBM)

Networking Essentials

Cisco Networking Academy

Fortinet Network Security Expert Level 1: Certified Associate

Fortinet

Certified Network Security Specialist (CNSS)

ICSI (International CyberSecurity Institute), UK

Certified Associate in Python Programming

Python Institute

Education

B.Tech. CSE in Information Security

Vellore Institute of Technology, Vellore (Tamil Nadu)

2021 - present

Senior Secondary, Engineering Science

Indraprastha World School, New Delhi

2019 - 2021

Get in Touch

Drop me a message over Email.

cyberkartik@gmail.com (Surface Web)

kartik@elude.in (Deep Web)