Jul 2022 – Present · 3 yrs 10 mos

May 2022 – Present · 4 yrs · Hyderabad, Telangana, India

• ➤ Conduct advanced vulnerability research on large-scale open-source and enterprise software across multiple
• programming languages including Java, JavaScript, C/C++, Python, PHP, Go, Ruby, and iOS ecosystems.
• ➤ Performed SAST, DAST, SCA, and reachability analysis to identify critical, high, and medium-risk security issues,
• including 0-day and previously untracked vulnerabilities.
• ➤ Validate exploitability and real-world impact to reduce false positives and improve vulnerability accuracy.
• ➤ Lead vulnerability research activities, customer escalations, documentation, and coordination with internal and
• external stakeholders.
• ➤ Mentor junior researchers and review security findings to ensure high-quality technical reporting.

Dec 2021 – Apr 2022 · 4 mos · India

• ➤ Web Application Pentesting
• ➤ API Pentesting
• ➤ Blog Writing
• ➤ Reporting and Documentation
• ➤ Learning

Sep 2021 – Nov 2021 · 2 mos · Pune, Maharashtra, India

• ➤ Performed black-box, grey-box, and white-box penetration testing for web applications, APIs, Android applications, and internal/external infrastructure.
• ➤ Delivered detailed vulnerability assessment reports including risk ratings, exploitation details, and remediation guidance.

Aug 2021 – Present · 4 yrs 9 mos · India

• ➤ Link: https://app.yogosha.com/r/HemantSolo
• ➤ Rank: All Time Top 10
• ➤ Secured 3rd Rank in Top Hackers S2 2021
• ➤ Secured 6th Rank in Top Hackers 2021

Jul 2021 – Jul 2021 · 0 mo

• Responsibility Includes:
• ➤ Performed a security check of eCommerce Website.
• ➤ Report and make documents of investigations identified on the product along with the mitigations.
• ➤ Learning.

Jun 2020 – Aug 2020 · 2 mos · India

• ➤ Received training in Professional Cloud Architecture and cloud security fundamentals.
• ➤ Conducted security assessments for Google Cloud Platform (GCP) and AWS environments.
• ➤ Prepared high-level security architecture, Cloud Control Matrix (CCM), and hardening guidelines for GCP components.
• ➤ Authored technical blogs focused on cloud security best practices.

May 2020 – Present · 6 yrs

• ➤ Reported 50+ vulnerabilities.
• ➤ Got one recommendation from Vovsoft.
• ➤ Check Here: https://www.openbugbounty.org/researchers/HemantSolo/

May 2020 – Jun 2020 · 1 mo · India

• Responsibility Includes:
• ➤ Successfully guided 30+ VAPT interns for finding web application vulnerabilities.
• ➤ Secured 5+ websites that are clients of SafeHack.

Jan 2020 – Present · 6 yrs 4 mos

• ➤ Thanks received: 10+
• ➤ U.S. Dept Of Defence: Researcher of the Month (Feb. 2021)
• ➤ Reputation: 500+
• ➤ Profile URL: https://hackerone.com/HemantSolo

Jan 2020 – Present · 6 yrs 4 mos

• ➤ Hall Of Fame: 50+
• ➤ Current Rank: Bugcrowd Top 600 Hackers Globally
• ➤ Profile: https://bugcrowd.com/HemantSolo

Jan 2020 – Present · 6 yrs 4 mos

• ➤ Got listed in Top 15 Researcher and Contributor in the newsletter announced by NCIIPC India (A unit of NTRO) in Oct 2020.
• ➤ Secured 40+ websites of Indian Govt. with various web application vulnerabilities.
• ➤ Reported 10+ high-security vulnerabilities including:
• RCE via file upload - 5+
• Cross Site Scripting - 6+
• No Rate Limiting leads to account takeover and OTP bypass - 20+
• and more...

Dec 2019 – May 2020 · 5 mos · Pune/Pimpri-Chinchwad Area

• Responsibility Includes:
• ➤ Web & Android Application Penetration Testing
• ➤ Reporting and Documentation
• ➤ Learning