Summary
Overview
Work History
Education
Skills
Certification
Websites
Timeline
Generic

Kunal Patil

Pune

Summary

An experienced penetration tester with over 2.5 years of expertise in web application and security testing. Proficient in identifying, exploiting, and recommending mitigation techniques for vulnerabilities across various platforms, including cloud environments. Skilled in manual and automated security assessments using tools such as Burp Suite, AppScan, and Nmap. Strong understanding of industry standards (OWASP, NIST), and common security vulnerabilities. Adept at collaborating with cross-functional teams and reporting findings with detailed POC and risk assessment.

Overview

3
3
years of professional experience
1
1
Certification

Work History

Application Security Analyst

Cognizant
01.2023 - Current
  • Performed penetration testing for web, API, and network (internal and external) applications across multiple projects.
  • Conducted a manual, secure source code review to identify logic flaws and misconfigurations.
  • Utilized Qualys for automated infrastructure vulnerability scanning, followed by the manual exploitation of high-risk findings.
  • Identified open ports and vulnerable services, using custom commands/scripts to simulate attacker behavior on exposed network devices.
  • Conducted dark web monitoring to identify potential leaked credentials, sensitive data, or internal assets.
  • Prepared a detailed report describing the vulnerability, including a detailed PoC and other attachments, providing a concise risk assessment and offering fix recommendations for a 30% reduction in potential security breaches.
  • Performed OSINT-based exploitation and reconnaissance to uncover exposed infrastructure or misconfigured services.

Bug Bounty Hunter

Bugcrowd/Hackerone
02.2022 - 11.2023
  • Performed external penetration testing on web applications and API endpoints to identify and exploit over 200 security vulnerabilities.
  • Performed complete automated regex and manual security testing of the web application.
  • Collaborated in private programs involving authentication bypass, information disclosure, business logic flaws, and SQL injection.
  • Developed scripts and tools to automate repetitive tasks during the penetration testing process, saving time without compromising quality.

Education

Bachelor of Computer Engineering -

Kavayitri Bahinabai Chaudhari North Maharashtra University
Jalgaon
06.2023

Skills

  • Vulnerability Assessment & Penetration Testing (VAPT)
  • Threat Intelligence
  • Cloud Security (AWS) (Basic)
  • Secure Code Review(Manual)
  • Tools: Burp-Suite, Nmap, Dirsearch, VirusTotal, Linux, Qualys

Certification

  • Certified Ethical Hacker (CEH v13) – EC-Council
  • Microsoft Azure Administrator Associate – Microsoft
  • PG Diploma in Cyber Security & Forensics (PG-DCSF) – CDAC

Timeline

Application Security Analyst

Cognizant
01.2023 - Current

Bug Bounty Hunter

Bugcrowd/Hackerone
02.2022 - 11.2023

Bachelor of Computer Engineering -

Kavayitri Bahinabai Chaudhari North Maharashtra University
Kunal Patil