[ AVAILABLE FOR WEB & API PENTEST & OFFENSIVE SECURITY ]
Offensive security professional who finds vulnerabilities before adversaries do. Specialized in web application attacks, business logic flaws, and AI-augmented bug discovery workflows. Real-world impact, not certifications theatre.
I'm a cybersecurity professional focused on offensive security and vulnerability research. My work is about identifying real attack vectors—not just ticking compliance boxes.
I specialize in web application security, business logic flaws, and authentication bypass techniques. I've built a systematic approach to bug hunting that consistently surfaces high-impact findings.
I leverage AI automation to accelerate recon, pattern detection, and report generation—turning manual hours into minutes and keeping focus on the attack surface that matters.
I'm also the CEO & Co-Founder of Digitach Agency, where I drive offensive security research and automation-led security solutions.
Based in BANARAS, India. Available for bug bounty programs, penetration testing engagements, and security consulting.
Generates cryptographically sound passwords and evaluates entropy, pattern weaknesses, and dictionary vulnerability. Built to demonstrate real-world auth failure modes and mitigation.
Advanced reconnaissance automation pipeline for web application security testing. Aggregates subdomains, discovers endpoints, analyzes JavaScript for secrets, and detects vulnerabilities such as IDOR, exposed cloud assets, and GraphQL misconfigurations.
Educational DDoS simulation tool for controlled lab environments. Designed to help security teams understand traffic flood mechanics, rate limiting gaps, and infrastructure resilience thresholds.
Python-based steganography tool for embedding and extracting hidden data within image files using LSB encoding. Demonstrates covert data exfiltration techniques and detection strategies.
AI doesn't replace methodology—it compresses the time between discovery and confirmation. Here's how I integrate AI at every stage of the bug hunting pipeline to maximize signal-to-noise ratio and uncover what manual processes miss.
LLM-assisted subdomain enumeration, tech stack inference, and attack surface mapping from passive sources.
Automated parameter discovery and intelligent payload generation using AI-crafted wordlists based on application context.
AI processes response differentials, anomalies, and source code patterns to surface logic flaws and injection points faster.
Automated impact assessment using CVSS criteria, business context analysis, and exploitability scoring before manual review.
Structured, high-quality vulnerability reports generated with AI, covering PoC, impact, and remediation—ready in minutes.
Bug bounty program? Penetration test? Security consulting?
If you have a scope, I have the skills to find what others miss.