Security Researcher

PRANTO
KUMAR
SHIL

Penetration tester and security researcher specializing in web application security, network infrastructure, and vulnerability research. I break things to help build them better.

View My Work Get In Touch
Pranto Kumar Shil
pran0x // available
Available for engagements
PGP: 0xDEADBEEF
TZ: UTC+6 (Dhaka)

05 // Hall of Fame

Responsible Disclosures

Vulnerabilities responsibly disclosed to organizations worldwide. All details withheld per coordinated disclosure agreements.

12+ Companies Notified
3 Critical Findings
100% Responsible Disclosure

// Details withheld per responsible disclosure policy

01 // About

Who I Am

I'm a security researcher with deep expertise in penetration testing, web application security, and network security. My work sits at the intersection of offensive and defensive security — understanding how attackers think to build more resilient systems.

With a background in both red team operations and vulnerability research, I've worked with organizations across fintech, healthcare, and critical infrastructure to identify and remediate high-severity vulnerabilities before adversaries can exploit them.

I contribute to the security community through responsible disclosure, CTF competitions, and open-source tooling for the offensive security community.

ACTIVE OSCP — Offensive Security Certified Professional
ACTIVE eJPT — eLearnSecurity Junior Penetration Tester
ACTIVE CEH — Certified Ethical Hacker
PURSUING OSWE — Web Expert
50+ CVEs Reported
120+ Pentest Engagements
$40K+ Bug Bounty Earned
Top 1% HackTheBox Rank

02 // Skills

Capabilities

🌐

Web Security

  • OWASP Top 10 & Beyond
  • SQL / NoSQL Injection
  • XSS, CSRF, SSRF
  • OAuth & JWT Attacks
  • API Security Testing
  • GraphQL Exploitation
  • Business Logic Flaws
  • Burp Suite Pro
🔗

Network Security

  • Network Reconnaissance
  • Protocol Analysis
  • Man-in-the-Middle Attacks
  • Firewall / IDS Evasion
  • Active Directory Attacks
  • Lateral Movement
  • Wireshark / tcpdump
  • Nmap / Masscan
🎯

Penetration Testing

  • Red Team Operations
  • Physical Security
  • Social Engineering
  • Post-Exploitation
  • Privilege Escalation
  • Metasploit Framework
  • Custom Exploit Dev
  • Full Kill-Chain Attacks
💻

Programming

  • Python (exploit scripts)
  • Bash / PowerShell
  • JavaScript / Node.js
  • C / C++ (low-level)
  • Go (tooling)
  • PHP (source review)
  • Assembly (x86/x64)
🔓

Vulnerability Research

  • CVE Research & Reporting
  • 0-day Discovery
  • Reverse Engineering
  • Binary Analysis
  • Fuzzing Techniques
  • IDA Pro / Ghidra
  • Responsible Disclosure
☁️

Cloud & Infrastructure

  • AWS / Azure Pentest
  • Container Escapes
  • Kubernetes Attacks
  • IAM Misconfiguration
  • Serverless Security
  • S3 / Blob Exposure
  • CI/CD Pipeline Attacks

Proficiency

Web Application Penetration Testing95%
Network Security & Recon90%
Vulnerability Research85%
Python / Exploit Development88%
Cloud Security75%
Reverse Engineering70%

03 // Work

Research & Findings

CVE Research CRITICAL — CVSS 9.8

Auth Bypass in Enterprise SSO Platform

Discovered a critical authentication bypass vulnerability in a widely-deployed enterprise SSO platform affecting 10,000+ organizations. The flaw allowed full account takeover via a JWT signature confusion attack without valid credentials.

JWT Auth Bypass CVE-2024-XXXX Responsible Disclosure $12,000 Bounty
exploit.py
# JWT alg:none confusion attack
$ python3 exploit.py --target https://target.sso/

[*] Fetching JWT from /api/auth...
[*] Detected algorithm: RS256
[!] Testing alg confusion...
[+] Vulnerable! Accepted unsigned token
[+] Access granted as: admin@corp.internal
[!] CRITICAL — Report immediately
01
Bug Bounty HIGH — CVSS 8.1

SSRF to Internal AWS Metadata

Chained an open redirect with an SSRF vulnerability to exfiltrate AWS EC2 instance metadata including IAM credentials, leading to full cloud account compromise.

SSRF AWS Open Redirect Cloud
02
Network Pentest CRITICAL

AD Domain Takeover via Kerberoasting

Full Active Directory domain compromise achieved during red team engagement by chaining Kerberoasting, password spraying, and DCSync attack to gain Domain Admin.

Active Directory Kerberoasting DCSync Red Team
03
Open Source Tool PUBLIC

AutoRecon-Web — Automated Web Recon

Built an open-source automated web reconnaissance framework integrating 30+ tools into a unified pipeline. 2,000+ GitHub stars. Used by CTF players and pentesters worldwide.

Python OSS Automation 2K+ Stars
04
CTF 1ST PLACE

CTF Champion — NationalCyberSec BD 2024

Captured first place in the National Cybersecurity CTF Bangladesh 2024, solving 47 of 50 challenges across web, forensics, cryptography, and binary exploitation.

CTF Web Crypto Pwn
05

04 // Contact

Get In Touch

Available for penetration testing engagements, bug bounty collaborations, security consulting, and responsible disclosure conversations. Response time typically within 24 hours.

Contact with me via Email github.com linkedin.com X / Twitter HackerOne Profile

// PGP Public Key

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBF...REPLACE WITH YOUR ACTUAL PGP KEY...ABAAKCRAm
7gK3xQRpAJ9...XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Key ID: 0xDEADBEEF
Fingerprint: XXXX XXXX XXXX XXXX XXXX
            XXXX XXXX XXXX XXXX XXXX

-----END PGP PUBLIC KEY BLOCK-----