Kunal Patil
Pune
Summary
An experienced penetration tester with over 2.5 years of expertise in web application and security testing. Proficient in identifying, exploiting, and recommending mitigation techniques for vulnerabilities across various platforms, including cloud environments. Skilled in manual and automated security assessments using tools such as Burp Suite, AppScan, and Nmap. Strong understanding of industry standards (OWASP, NIST), and common security vulnerabilities. Adept at collaborating with cross-functional teams and reporting findings with detailed POC and risk assessment.
Overview
3
3
years of professional experience
1
1
Certification
Work History
Application Security Analyst
Cognizant
01.2023 - Current
- Performed penetration testing for web, API, and network (internal and external) applications across multiple projects.
- Conducted a manual, secure source code review to identify logic flaws and misconfigurations.
- Utilized Qualys for automated infrastructure vulnerability scanning, followed by the manual exploitation of high-risk findings.
- Identified open ports and vulnerable services, using custom commands/scripts to simulate attacker behavior on exposed network devices.
- Conducted dark web monitoring to identify potential leaked credentials, sensitive data, or internal assets.
- Prepared a detailed report describing the vulnerability, including a detailed PoC and other attachments, providing a concise risk assessment and offering fix recommendations for a 30% reduction in potential security breaches.
- Performed OSINT-based exploitation and reconnaissance to uncover exposed infrastructure or misconfigured services.
Bug Bounty Hunter
Bugcrowd/Hackerone
02.2022 - 11.2023
- Performed external penetration testing on web applications and API endpoints to identify and exploit over 200 security vulnerabilities.
- Performed complete automated regex and manual security testing of the web application.
- Collaborated in private programs involving authentication bypass, information disclosure, business logic flaws, and SQL injection.
- Developed scripts and tools to automate repetitive tasks during the penetration testing process, saving time without compromising quality.
Education
Bachelor of Computer Engineering -
Kavayitri Bahinabai Chaudhari North Maharashtra University
Jalgaon06.2023
Skills
- Vulnerability Assessment & Penetration Testing (VAPT)
- Threat Intelligence
- Cloud Security (AWS) (Basic)
- Secure Code Review(Manual)
- Tools: Burp-Suite, Nmap, Dirsearch, VirusTotal, Linux, Qualys
Certification
- Certified Ethical Hacker (CEH v13) – EC-Council
- Microsoft Azure Administrator Associate – Microsoft
- PG Diploma in Cyber Security & Forensics (PG-DCSF) – CDAC
Timeline
Application Security Analyst
Cognizant
01.2023 - Current
Bug Bounty Hunter
Bugcrowd/Hackerone
02.2022 - 11.2023
Bachelor of Computer Engineering -
Kavayitri Bahinabai Chaudhari North Maharashtra University
Similar Profiles
RABAB FATIMARABAB FATIMA
Agency Success Lead – DV360 at CognizantAgency Success Lead – DV360 at Cognizant
Rene Villasenor RiestraRene Villasenor Riestra
Technical Program Manager/Service Delivery Manager at CognizantTechnical Program Manager/Service Delivery Manager at Cognizant
ASMA FARHEEN AASMA FARHEEN A
Associate (QA Lead) at CognizantAssociate (QA Lead) at Cognizant
Navya VootlaNavya Vootla
Associate at CognizantAssociate at Cognizant
Soumyadeep GhoshSoumyadeep Ghosh
Graduate Engineer Trainee at Air ProductsGraduate Engineer Trainee at Air Products