About Me
Hey World, I am Harsh Bothra. Here's a little about me :)
Harsh Bothra is currently working as a Senior Security Consultant at RedHunt Labs and is also one of the Core Pentesters & Team Leads at Cobalt.io. He holds a bachelor's degree in Computer Science & Engineering, and his significant interests revolve around Application Security, Penetration Testing & Red Teaming. Harsh loves to participate in various bug bounty programs and is currently ranked among the Top 180 Researchers & MVP for 2020 Q1-Q2 on Bugcrowd and is a part of Synack Red Team. He actively blogs about his security findings and interesting learnings on Medium Publications. He has authored two books on Hacking, primarily focusing on beginners. Harsh's book has been previously recommended by NITTTR-Chandigarh & AICTE (Govt. of India bodies). He holds 60+ Hall of Fames from various companies and has tested 600+ applications. He loves to talk about a range of cyber security topics and has carried out many sessions related to Cyber Security, Ethical Hacking & Application Security. He is always ready to support and mentor people the best way he can. Harsh recently completed his one-year-long learning challenge named Learn365.
Download CV
Skills
Web Application Penetration Testing
API Penetration Testing
Internal & External Network Penetration Testing
Mobile Application Penetration Testing (Android & iOS)
Source Code Review
Cloud & Container Configuration Review [AWS, Azure & Docker]
Thick Client Penetration Testing
Security Tools - Burp Suite, Nmap, Metasploit, Sqlmap & Others
Python, PHP, Bash, JavaScript
Writing & Communication - Blogs, Articles & Reports
Experience
Cobalt Core
Core Team Lead & Pentester
November 2020 - Present
Featured Pentester @https://cobalt.io
Performing Penetration Testing on Web Application, Network, Mobile, Thick Client and Cloud Configuration Reviews for top clients worldwide. As a team lead, I am responsible for the successful execution of penetration tests, ensuring quality and collaboration within the testing team, along with vulnerability triaging and reviewing.
RedHunt Labs
Senior Security Consultant
March 2021 - February 2022
Worked as a Senior Security Consultant at RedHunt Labs. My responsibilities included end-to-end penetration testing, open source intelligence, configuration review, reporting and client communication.
Detox Technologies
Cyber Security Analyst
August 2020 - February 2021
Worked as a Cyber Security Analyst at Detox Technologies. My responsibilities included Manual Penetration Testing of Web Application, Internal and External Network, APIs, Mobile Application, Thick Clients, Threat Modeling, Cloud Configuration Review, Phishing Simulation, Red Teaming Simulation, Reporting & Documentation. Apart from that, I worked along with the team on knowledge transfer, implementing a streamlined approach to penetration testing, and sharing knowledge with the public via blogs & pre-recorded sessions.
Security Innovation
Security Engineer
August 2019 - August 2020
Worked as a Security Engineer at Security Innovation. My responsibilities included Manual Penetration Testing of Web Application, Internal and External Network, APIs, Mobile Application, Thick Clients, Threat Modeling, Cloud Configuration Review, Reporting & Documentation.
Synack Red Team
Red Team Member
April 2020 - Present
Accessing & Securing the applications.
Bugcrowd
Freelance Researcher
February 2020 - Present
Accessing & Securing applications.
Cyber Square Info Solutions
Founder
September 2017 - August 2019
Projects & Publications
SecurityExplained
SecurityExplained is a new series that follows the previous learning challenge series, #Learn365. The aim of the #SecurityExplained series is to create informational content in multiple formats and share it with the community to enable knowledge creation and learning.
Take Me There!
Resources Wiki
Single place to find all the resources I have created.
Written in Bash
Take Me There!
Learn 365 Challenge
Repository of notes from each day's learning under the #Learn365 Challenge
Give a Try
Hacking: Be a Hacker with Ethics
Khanna Publishers
Recommended by AICTE (Cyber Security Reference Book) & NITTTR-Chandigarh
2016
Get a Copy
Wall of Fame
CVE-2020-24849
CVE-2020-23868
CVE-2020-23989
Stackpath
ConvertKit
Xfinity Home & xFi
Statuspage
Naspers
ISC2
Hubspot
Socrata
Transferwise
Arlo
Redox
Telefonica Germany
Sophos
Gusto
Dell Technologies
Overstock
InVision
Humble Bundle
Mastercard
You Need a Budget
Jet.com
Centrify
SAP Concur
MasterCard VDP
Cybrary
Canva
35+ Private Programs
Certifications & Achievements
eWPTXv2
eLearnSecurity
9362555
eCPPTv2
eLearnSecurity
9276703
Certified Ethical Hacker v10
EC-Council
2019 - 2021
Bugcrowd MVP for 2020 Q1
Bugcrowd
2020 Q1
Introduction, Unix, Essential, PCAP, White & Serialize Badge
PentesterLab
Qualys Certified Specialist - Vulnerability Management
Qualys
Fortinet NSE Level-1 & Level-2
Fortinet
IBM Data Science Track
IBM
Certified Information Security Expert & Certified Web Application Security Expert
Innobuzz Knowledge Solutions
2013 - 2016
Introductory certifications in Python, Python Data Science Toolbox, Intermediate Python, R, SQL for Data Science
Datacamp
Deep Learning for Computer Vision
NVIDIA Deep Learning Institute
5th Runner Up - HackerCup India
2016
11th Rank - Ground Zero Summit - No Escape: CTF
2015
Letter of Acknowledgement for Project Bheem by Symbiosis Center for Information Technology
2020
Talks & Sessions
Exploiting Misconfigured JIRA Instances for $$
Find Talk Here
Got Cookies? Exploiting Vulnerabilities in Cookie Based Authentication
Find Talk Here
Pentester Diaries EP-2: 2FA Bypass Techniques
Find Talk Here
Security Talks by Harsh (Collection of all Security Talks by Me)
Find Playlist Here
Buggy Wisdom: Tales of Bug Hunting and How You Can Do It Too!
Find Podcast Here
Bug Hunting Tactics - Cyber Sentinel UPES Dehradun
Find Talk Here
Interview - GrayHat Conference 2020
Find Talk Here
Speaker - Red Team Village at GrayHat Con 2020
Find Talk Here
Speaker - Red Team Village at C0c0n 2020
Find Talk Here
Speaker - Bug Bounty Village at C0c0n 2020
Find Talk Here
Speaker - Cyber June'gle 2020 by Defcon Red Team & Texas Cyber
Find Talk Here
Speaker - Null Bhopal September Meetup
Find Talk Here
Offensive Recon - Bug Hunter's Playbook
Find Talk Here
Speaker - TheQuest 0x03 by We Are Plymouths
Find Talk Here
Trainer: 3-day Cyber Security Workshop at RNB Global University
Guest Speaker: Cyber Security Practices at RNB Global University
Session: Cyber Security Essentials at Wadia College, Pune
Guest Speaker: Penetration Testing at Vivekanand Institute of Technology, Jaipur
Guest Speaker: All India Radio, Jaipur
Speaker: Cloud Security Alliance Dehradun, 2016
Community Engagements
OWASP-Jaipur Chapter Leader
2016-2018
Organizer: Cyber Square Summit 2016
Head of Technija Cyber Security Club at Amity University Rajasthan
OWASP-Bikaner Chapter Leader
2019-2020
Education
B.Tech - Computer Science with Minors in Management Studies
Amity University Rajasthan
2015-2019
8.12 CGPA
High School
Yadav Bharti Senior Secondary School
2014-2015
81%
Get in Touch
Drop me an email at the address below:
hbothra22@gmail.com