About
Introduction
I’m Neh Patel, a passionate security engineer hailing from India. With a year of professional experience in vulnerability assessment and penetration testing, I bring a diverse skill set and a solid background in securing web applications, mobile platforms, APIs, and conducting red teaming exercises.
Skills
- Vulnerability Assessment and Penetration Testing (VAPT)
- Web Application/Mobile Penetration Testing
- Red Teaming
- API Penetration Testing
- Docker
- Network Penetration Testing and Security
- Frameworks: MITRE, NESSUS, Metasploit
- Operating System: Linux, OSI, TCP IP
Professional Experience
- Deloitte (Attack Surface Management and VAPT Engineer)
- Gathered valuable insights during my internship at Deloitte, enhancing my skills in vulnerability assessment and penetration testing.
- Securr Tech (Internal Audit/Vulnerability Manager & Automation Engineer)
- Occupied a role similar to the position I’m applying for, where I actively managed internal audits, vulnerabilities, and spearheaded automation initiatives.
Achievements
- Recognized in the leaderboard of Microsoft’s Most Valuable Security Researcher of the Year.
- Ranked 22 globally in Microsoft’s Top Security Researcher leaderboard for the third quarter.
- Hall of Fame in Google, Apple, and Microsoft for reporting quality bugs.
- Top 30 Bug Hunters on the Bugbounter platform.
- Acknowledged by Lenovo Security Team.
- Champion with the highest points at the Null Ahmedabad Penetration Testing/Bug Bounty competition.
Professional Certificates
- eJPTv2 - eLearnSecurity Junior Penetration Tester (February 2024)
- ICCA - INE Certified Cloud Associate (February 2024) - Specialized in Cloud Security and Vulnerabilities for AWS, Azure, and GCP.
- IBM Cybersecurity Analyst Professional Certificate (September 2022) - Equivalent to CEH and eJPT, covering Network Security, Database Vulnerabilities, Cyber Threat Intelligence, Penetration Testing, Incident Response, and Forensics.
Open Source Contributions
SCRIPTKIDDI3
Introducing SCRIPTKIDDI3, a powerful recon and initial vulnerability detection tool crafted specifically for Bug Bounty Hunters. This tool, built using a variety of open-source technologies and a shell script, empowers users to swiftly execute scans on target domains and identify potential vulnerabilities.
Key Features:
- Reconnaissance: Gathers crucial information like subdomains and running services using nuclei.
- Vulnerability Scanning: Utilizes collected data to scan for known vulnerabilities and potential attack vectors, highlighting high-risk issues.
- Misconfiguration Detection: Identifies misconfigurations and insecure default settings using nuclei templates, ensuring proper system configurations.
Why SCRIPTKIDDI3:
- Efficiency: Conduct thorough and efficient recon and vulnerability assessments.
- User-Friendly: Streamlined processes for quick and effective scans.
Let’s Find Bugs with SCRIPTKIDDI3!
Explore SCRIPTKIDDI3 on GitHub.