SAMPATH KUMAR KADAJARI
ETHICAL HACKER | APPLICATION PENETRATION TESTER |
CLOUD SECURITY AUDIT | SOURCE CODE REVIEWER
I’m thrilled you’re here. Please take a moment to explore my site, where you’ll find details on my background, experience, skills and more. To learn more or connect on an opportunity, don’t hesitate to reach out.
ABOUT ME
Hello! My name is Sampath Kumar Kadajari, and I am a passionate Cybersecurity Professional with over 5 years of experience in the field and nearly 2 years of industrial experience. Currently, I work as an Analyst in Security Testing at StrongBox IT, specializing in various domains including web applications, Android/iOS, network, API, Wi-Fi, source code review, DDOS, WAF, and IoT penetration testing.
Throughout my career, I have honed my skills in vulnerability assessment and penetration testing, utilizing a wide range of security testing tools such as Burp Suite, MobSF, Nmap, SQLMap, Nessus and much more. My expertise lies in identifying real-world vulnerabilities and understanding attack and threat vectors to safeguard information and ensure protection.
In addition to my professional experience, I am also an Offensive Security Certified Professional (OSCP) and have worked as a freelance security trainer, training over 200 students. This experience has not only enhanced my teaching abilities but also deepened my understanding of cybersecurity from different perspectives.
I believe in continuous learning and staying updated with the latest security threats, technologies, and trends. My approach to work involves collaborating closely with clients, providing comprehensive security assessments, and recommending effective mitigation strategies to enhance their security posture.
​
When I'm not working, I enjoy playing sports, surfing the internet, exploring new places, and working out. These activities help me stay balanced and inspired.
​
​
​
SKILLS
Professional Competencies
No matter the role or project, I’m confident in the skill set I bring to the table. Take a look below to learn more about my specific abilities, and feel free to get in touch if you’d like to learn more.
APPLICATION PENETRATION TESTING
Expertise in identifying and exploiting vulnerabilities within web, api, mobile, thickclient,Cloud and IOT applications. Proficient in using a wide range of security testing tools such as Burp Suite, Nessus, SQLMap and many more to uncover real-world security flaws. This skill set ensures the safeguarding of applications by understanding attack vectors and providing effective mitigation strategies to enhance overall security posture.
CLOUD SECURITY AUDITS
Proficient in assessing the security of cloud environments to identify vulnerabilities and ensure compliance with best practices. Experienced in using tools such as Prowler, AWS CloudWatch, and AWS GuardDuty, among others, to perform comprehensive security audits. This skill set focuses on evaluating cloud configurations, monitoring potential threats, and implementing robust security measures to protect cloud-based assets and data.
SOURCE CODE REVIEWS
Experienced in both automation and manual source code reviews to identify security vulnerabilities and ensure code quality. Proficient in using tools such as SonarQube, Semgrep, and Snyk to automate vulnerability detection, while also applying manual review techniques to uncover complex issues. This dual approach helps in delivering thorough assessments, enhancing code security, and ensuring adherence to best practices.
EDUCATIONAL BACKGROUND
BTECH IN ELECTRONICS AND COMMUNICATIONS
August 2019 -Â May 2023
A comprehensive program at Gurukul Kangri Vishwavidyalaya (Haridwar) focused on the design, development, and maintenance of electronic systems and communication networks. This degree equips students with a strong foundation in electronics, signal processing, telecommunications, and embedded systems, preparing them for diverse careers in technology and engineering.
INTERMEDIATE EDUCATION IN MATHS, PHYSICS, CHEMISTRY
April 2017 - April 2019
A focused curriculum emphasizing strong analytical and problem-solving skills. Demonstrated excellence in cracking high-level exams such as JEE Mains and EAMCET, showcasing proficiency in Mathematics, Physics, and Chemistry.
"In the world of professional growth and personal development, the value of building strong relationships and connections often surpasses the importance of financial wealth. Cultivating a robust network opens doors to opportunities, knowledge, and support that can significantly enhance your journey and success"
Sampath kumar kadajari
"Network is Better Than Net Worth"
PROFESSIONAL WORK EXPERIENCE
My Qualifications
May 2023Â - Present
CYBER SECURITY ANALYST
Conducting thorough assessments of systems, networks, web, APK, iOS, Thickclient, and IOT applications to identify potential security vulnerabilities, and actively simulating cyberattacks to exploit identified vulnerabilities, providing a realistic assessment of security risks. Ensuring that security assessments align with industry standards and compliance requirements, such as PCI DSS or HIPAA. Collaborating closely with clients and developers to understand unique security needs, goals, and constraints, and to effectively mitigate security issues.
Oct 2021Â -Â Dec 2021
PENETRATION TESTING INTERN
Mastering web VAPT topics like SQL injection, XSS, and CSRF through extensive hands-on labs. Utilizing industry-standard tools such as Burp Suite, OWASP ZAP, and other specialized security tools for comprehensive security assessments.
Sep 2020Â -Â Feb 2021
VAPT INTERN
As a VAPT Intern, I was responsible for conducting comprehensive vulnerability assessments and penetration testing to identify security weaknesses within various systems and applications.
CERTIFICATIONS
Offensive Security Certified Professional (OSCP)
The OSCP certification is a highly respected credential in the field of cybersecurity, demonstrating advanced skills in ethical hacking and penetration testing. This certification requires successful completion of a rigorous 24-hour exam, where candidates must exploit various machines in a controlled environment. OSCP professionals are proficient in identifying, exploiting, and mitigating security vulnerabilities, and are well-versed in a wide range of cybersecurity tools and techniques. This certification signifies a strong commitment to ethical hacking and continuous learning in the ever-evolving landscape of cybersecurity.
ACHIEVEMENTS
As a freelance security tester, I have achieved several things that I am proud of. Some of my most
notable achievements include Discovering critical vulnerabilities, earning recognition, building reputation, financial rewards
​
Discovered two CVEs in different open-source projects, CVE-2024-41332 addresses a broken access control issue and CVE-2024-41333 pertains to a Cross-Site Scripting (XSS) vulnerability.
