[+] Initializing security environment...
[+] Loading attack modules OK
[+] Mounting recon framework OK
[+] Establishing handshake...
[] Access granted. Welcome, operator.
STATUS · AVAILABLE FOR ENGAGEMENTS · TOP 1% THM

Ankush
Bhadwar.

$ role: Red Team Operations
Offensive Security Engineer & Cloud Security Researcher

I dissect systems at the protocol level — API auth flows, Azure misconfigs, attack-surface intel — and build offensive tooling that simulates realistic adversary behavior. Recruiter-clean, blue-team-aware, red-team-deep.

0+
THM Rooms Cleared
0
Badges Earned
#0
Global Rank
Top 1%
Worldwide
01 · WHO

Breaking systems
to understand them.

Offensive mindset, infrastructure-deep, recruiter-clean. No filler, no fluff.

// operator_silhouette.svg
// operator.profile

I specialize in offensive security, cloud infrastructure defense, and adversarial testing across modern web ecosystems. My work focuses on API security, Azure security operations, authentication flaws, attack-surface analysis, and real-world exploitation workflows.

I enjoy dissecting systems at the protocol level — understanding misconfigurations, chaining primitives, and building offensive tooling that simulates realistic attacker behavior rather than running point-and-click scanners.

My approach combines:

  • Cloud security engineering
  • Red team methodologies
  • Vulnerability research
  • Offensive automation
  • Secure architecture analysis
  • API & auth flaw hunting
02 · ARSENAL

Tools, tactics,
tradecraft.

No progress bars. The stack I actually reach for when there's a system to break or a vulnerability to chase.

Offensive Security

Burp SuiteOWASPJWT Analysis API TestingSSRFSQLi XSSAuth BypassMetasploit

Cloud

AzureIAMDefender Entra IDCloud SecAWS IAM SC-100

Infrastructure

LinuxDockerContainers NginxNetworkingNmap Wireshark

Programming

PythonBashJavaScript AutomationGitPowerShell
03 · OPERATIONS

Where I've been
breaking things.

Offensive engagements, internships, and self-driven research.

Mar 2026 — Present · 3 mos

Cyber Security Internship

Slash Mark IT Solutions (OPC) Pvt. Ltd · Remote
  • Conducting end-to-end security assessments across web applications and internal services
  • Hands-on vulnerability research, exploitation, and CVSS-scored reporting
  • Building offensive automation around reconnaissance and attack-surface mapping
VAPTBurp SuitePythonOWASP
Feb 2026 — Mar 2026 · 2 mos

Cyber Security Intern

Future Interns · Remote
  • Practical red team engagements simulating adversary kill chains
  • Offensive workflow training: ethical hacking, exploitation labs, post-exploitation tradecraft
Ethical HackingRed TeamingMetasploit
Feb 2026 · 1 mo

Cyber Security Intern

ShadowFox · Remote
  • Web application penetration testing against staged client targets
  • Red team engagements with focus on auth bypass, IDOR, and injection chains
  • Delivered reproducible PoCs and prioritized remediation guidance
Web App PentestRed TeamingBurp Suite
Self-Driven · Ongoing

Independent Researcher · Writer

TryHackMe · Medium · GitHub
  • Top 1% globally on TryHackMe — 937 rooms cleared, 99 badges, rank #234
  • Publishing technical write-ups on WAF bypass, OWASP categories, and offensive workflows
  • Building offensive automation and PoC tooling on GitHub
TryHackMeMediumGitHub
// education
Aug 2022 — Jun 2026

Himachal Pradesh Technical University (HPTU)

Bachelor of Technology · B.Tech, Computer Science and Engineering

B.TechCSENetworkingOSDBMSSecurity
04 · BUILDS

Offensive tooling
& research.

Selected red-team, cloud-security, and recon-automation projects.

// API · ReconMEDIUM

API Attack Surface Mapper

Python framework that discovers, fingerprints and enumerates REST/GraphQL endpoints from OpenAPI specs and live traffic — auto-classifies auth flows and surfaces high-risk methods.

PythonOpenAPIJWTHTTPX
// Cloud · AzureHARD

Azure Misconfiguration Scanner

Tooling that enumerates IAM role assignments, storage public-access exposure, and Defender posture gaps across an Azure tenant — outputs CVSS-scored findings.

Azure CLIPythonIAMGraph API
// API · AuthMEDIUM

JWT Analysis Toolkit

Decodes, audits and fuzzes JWTs — detects weak signing algs, key-confusion vulnerabilities, expired-token replays and insecure claim usage in real authentication workflows.

PythonJWTJOSEBurp Ext
// Recon · AutomationHARD

Recon Automation Framework

Modular pipeline chaining subdomain enumeration, port scanning, tech-stack fingerprinting, and screenshot capture — designed for bug-bounty asset discovery at scale.

Pythonamasshttpxnuclei
// Web · ExploitationMEDIUM

Web Enumeration Engine

Burp Suite extension + standalone Python tool that maps web-app routes, classifies parameters by behavior, and surfaces probable injection points and IDOR candidates.

PythonBurp ExtSelenium
// Infra · ResearchEXPERT

Container Escape Research Lab

Sandboxed environment exploring known and theoretical container-breakout primitives — capability misuse, hostpath mounts, runc CVEs — with reproducible writeups for blue teams.

DockerLinuxK8sseccomp
05 · PROMPT LAB

AI Security
Prompt Lab.

Battle-tested prompts I use with AI assistants for real offensive workflows — recon, API auditing, threat modeling, and report writing.

06 · CREDENTIALS

Paper trail.

Certifications, learning paths, and program completions — grouped by domain.

01

Offensive Security & Penetration Testing

C-JWAPT — Jr Web App Pen Tester

Sturtle Security · Mar 2026

CCEP — Certified Cybersec Educator

Red Team Leaders · Dec 2025

Offensive IAM Exploitation

Red Team Leaders · Mar 2026

CompTIA Pentest+ Path

TryHackMe · Feb 2026

Jr Penetration Tester

TryHackMe · Feb 2026

Web Application Pentesting

TryHackMe · Feb 2026

Web App Red Teaming

TryHackMe · Feb 2026

Advanced Endpoint Investigations

TryHackMe · Apr 2026

SOC Level 1

TryHackMe · Apr 2026

Web Fundamentals

TryHackMe · Feb 2026

Cyber Security 101

TryHackMe · Feb 2026

Coldstart

TryHackMe · Jan 2026

Cyber Security Internship

ShadowFox · Feb 2026
02

AI Security Research

CAISR — AI Security & Risk

Red Team Leaders · Feb 2026

AI Security

TryHackMe · Apr 2026

AI Tools Workshop

Be10x · Mar 2026
03

Claude · MCP · Agent Engineering

AI Fluency Framework & Foundations

Anthropic · Apr 2026

Teaching the AI Fluency Framework

Anthropic · Apr 2026

AI Fluency for Educators

Anthropic · Apr 2026

AI Capabilities and Limitations

Anthropic · Apr 2026

Introduction to Claude Cowork

Anthropic · Apr 2026

Introduction to Agent Skills

Anthropic · Apr 2026

Introduction to Subagents

Anthropic · Apr 2026

Claude Code in Action

Anthropic · Apr 2026

Building with the Claude API

Anthropic · Apr 2026

Claude with Google Cloud Vertex AI

Anthropic · Apr 2026

Claude in Amazon Bedrock

Anthropic · Apr 2026

Introduction to Model Context Protocol

Anthropic · Apr 2026

MCP: Advanced Topics

Anthropic · Apr 2026

MCP Automation in Production

Hugging Face · Apr 2026

Fundamentals of MCP

Hugging Face · Apr 2026
04

Cloud Security

AZ-500 Path

Microsoft Azure Security

SC-100 Path

Microsoft Cybersecurity Architect

Azure Defender Operations

Microsoft Learn
05

Cloud Infrastructure & Networking

AWS Identity & Access Management

Amazon Web Services · Nov 2025

AWS Security Governance at Scale

Amazon Web Services · Nov 2025

AWS for VMware Administrators

Amazon Web Services · Nov 2025

Networking Devices & Initial Config

Cisco · Nov 2025

Introduction to Cybersecurity

Cisco · Nov 2025

Cybersecurity Fundamentals

IBM · Nov 2025
06

CTFs · Simulations · Workshops

Capture the Flag

SkillBit (MetaCTF) · Apr 2026

MetaCTF December 2025 Flash CTF

SkillBit · Dec 2025

Network Cable

LetsDefend · Apr 2026

Advent of Cyber 2025

TryHackMe · Dec 2025

Advent of Cyber 2024

TryHackMe · Oct 2025

Advent of Cyber 2023

TryHackMe · Oct 2025

Advent of Cyber 2022

TryHackMe · Nov 2025

In-house Hacking & Pentesting Lab

EC-Council

Dark Web, Anonymity & Crypto

EC-Council

Cybersecurity Analyst Simulation

Tata Group · Jul 2025

Cybersecurity Job Simulation

Deloitte · Jul 2025

Cyber Security Management

ANZ · Jul 2025

Shield Up: Cybersecurity Sim

AIG · Jul 2025

Cybersecurity Job Simulation

NY Jobs CEO Council · Jul 2025

Learn Python & Ethical Hacking

Udemy · Oct 2025

Java 17 Masterclass

Udemy · Oct 2024

// 50+ verified certifications · sourced from LinkedIn licenses_and_certifications

07 · RECEIPTS

Verifiable footprint.

Numbers don't lie. Click through and verify.

0+
TryHackMe Rooms
cleared
0
Badges Earned
platforms
#0
Global Rank
tryhackme
Top 1%
Worldwide
offensive sec
08 · ESTABLISH CONNECTION

Got a system that
needs testing?

Open for security engagements, freelance VAPT, cloud-security research, and bug bounty collaboration.

~/transmit.sh