Vivek Bhatt — DevOps Engineer

I’m an 𝗢𝗳𝗳𝗲𝗻𝘀𝗶𝘃𝗲 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗣𝗿𝗼𝗳𝗲𝘀𝘀𝗶𝗼𝗻𝗮𝗹 and 𝗣𝗲𝗻𝗲𝘁𝗿𝗮𝘁𝗶𝗼𝗻 𝗧𝗲𝘀𝘁𝗲𝗿 with 𝟭.𝟱+ 𝘆𝗲𝗮𝗿𝘀 of hands-on experience conducting 𝗰𝗼𝗺𝗽𝗿𝗲𝗵𝗲𝗻𝘀𝗶𝘃𝗲 𝗩𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝘆 𝗔𝘀𝘀𝗲𝘀𝘀𝗺𝗲𝗻𝘁 𝗮𝗻𝗱 𝗣𝗲𝗻𝗲𝘁𝗿𝗮𝘁𝗶𝗼𝗻 𝗧𝗲𝘀𝘁𝗶𝗻𝗴 (𝗩𝗔𝗣𝗧) 𝗮𝗰𝗿𝗼𝘀𝘀 𝘄𝗲𝗯 𝗮𝗽𝗽𝗹𝗶𝗰𝗮𝘁𝗶𝗼𝗻𝘀, 𝗔𝗣𝗜𝘀, 𝗺𝗼𝗯𝗶𝗹𝗲, 𝗮𝗻𝗱 𝗻𝗲𝘁𝘄𝗼𝗿𝗸 𝗲𝗻𝘃𝗶𝗿𝗼𝗻𝗺𝗲𝗻𝘁𝘀. My approach is guided by structured 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗔𝘀𝘀𝗲𝘀𝘀𝗺𝗲𝗻𝘁 𝗠𝗲𝘁𝗵𝗼𝗱𝗼𝗹𝗼𝗴𝗶𝗲𝘀, focusing on identifying, exploiting, and remediating real-world vulnerabilities through 𝗪𝗲𝗯 𝗔𝗽𝗽𝗹𝗶𝗰𝗮𝘁𝗶𝗼𝗻 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗧𝗲𝘀𝘁𝗶𝗻𝗴, 𝗛𝗼𝘀𝘁-𝗕𝗮𝘀𝗲𝗱 & 𝗡𝗲𝘁𝘄𝗼𝗿𝗸 𝗜𝗻𝗳𝗿𝗮𝘀𝘁𝗿𝘂𝗰𝘁𝘂𝗿𝗲 𝗣𝗲𝗻𝗲𝘁𝗿𝗮𝘁𝗶𝗼𝗻 𝗧𝗲𝘀𝘁𝗶𝗻𝗴, 𝗮𝗻𝗱 𝗛𝗼𝘀𝘁 & 𝗡𝗲𝘁𝘄𝗼𝗿𝗸 𝗖𝗼𝗻𝗳𝗶𝗴𝘂𝗿𝗮𝘁𝗶𝗼𝗻 𝗔𝘂𝗱𝗶𝘁𝗶𝗻𝗴. I follow globally recognized frameworks including 𝗢𝗪𝗔𝗦𝗣 𝗧𝗼𝗽 𝟭𝟬, 𝗖𝗪𝗘 𝗧𝗼𝗽 𝟮𝟱, 𝗮𝗻𝗱 𝗖𝗩𝗦𝗦 𝘃𝟯.𝟭 𝘀𝗰𝗼𝗿𝗶𝗻𝗴, ensuring every finding is validated, reproducible, and risk-prioritized for accurate reporting and remediation. 𝗖𝗲𝗿𝘁𝗶𝗳𝗶𝗲𝗱 𝗲𝗝𝗣𝗧 (𝗜𝗡𝗘 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆) and currently pursuing 𝗖𝗘𝗛 𝘃𝟭𝟯, I combine 𝗺𝗮𝗻𝘂𝗮𝗹 𝗲𝘅𝗽𝗹𝗼𝗶𝘁𝗮𝘁𝗶𝗼𝗻 with 𝗮𝘂𝘁𝗼𝗺𝗮𝘁𝗲𝗱 𝗿𝗲𝗰𝗼𝗻𝗻𝗮𝗶𝘀𝘀𝗮𝗻𝗰𝗲 to simulate 𝗿𝗲𝗮𝗹-𝘄𝗼𝗿𝗹𝗱 𝗮𝘁𝘁𝗮𝗰𝗸 𝗰𝗵𝗮𝗶𝗻𝘀 — from 𝗿𝗲𝗰𝗼𝗻𝗻𝗮𝗶𝘀𝘀𝗮𝗻𝗰𝗲 to 𝗽𝗿𝗶𝘃𝗶𝗹𝗲𝗴𝗲 𝗲𝘀𝗰𝗮𝗹𝗮𝘁𝗶𝗼𝗻 𝗮𝗻𝗱 𝗽𝗼𝘀𝘁-𝗲𝘅𝗽𝗹𝗼𝗶𝘁𝗮𝘁𝗶𝗼𝗻. My toolkit includes 𝗕𝘂𝗿𝗽 𝗦𝘂𝗶𝘁𝗲, 𝗡𝗺𝗮𝗽, 𝗠𝗲𝘁𝗮𝘀𝗽𝗹𝗼𝗶𝘁, 𝗦𝗤𝗟𝗠𝗮𝗽, 𝗢𝗪𝗔𝗦𝗣 𝗭𝗔𝗣, 𝗙𝗙𝗨𝗙, 𝗣𝗼𝘀𝘁𝗺𝗮𝗻, 𝗮𝗻𝗱 𝗠𝗼𝗯𝗦𝗙, primarily operating in 𝗞𝗮𝗹𝗶 𝗟𝗶𝗻𝘂𝘅, 𝗣𝗮𝗿𝗿𝗼𝘁 𝗢𝗦, 𝗮𝗻𝗱 𝗪𝗶𝗻𝗱𝗼𝘄𝘀 𝗲𝗻𝘃𝗶𝗿𝗼𝗻𝗺𝗲𝗻𝘁𝘀. 🔹 𝗖𝗼𝗿𝗲 𝗖𝗼𝗺𝗽𝗲𝘁𝗲𝗻𝗰𝗶𝗲𝘀: Web, API, Host & Network Penetration Testing | VAPT | Security Assessment Methodologies | OWASP Top 10 | CVSS/CWE-Based Reporting | Exploitation & Privilege Escalation | Vulnerability Analysis | Red Teaming | Python & Bash Automation

Stackforce AI infers this person is a Cybersecurity Specialist focused on Penetration Testing and Vulnerability Assessment.

Location: Greater Delhi, Delhi, India

Experience: 1 yr 2 mos

Skills

Penetration Testing
Vulnerability Assessment
Application Security

Career Highlights

Certified eJPT with hands-on VAPT experience
Expertise in OWASP Top 10 and CVSS scoring
Published content on offensive security methodologies

Work Experience

Medium

Self Blog(Offensive Security Researcher & Writer) (1 yr 1 mo)

StartUP

Penetration Tester (VAPT | Web, API, Network & Mobile Application Security) (1 yr 2 mos)

VAPT Analyst Trainee (10 mos)

Education

Bachelor of Technology - BTech at Uttrakhand Technical University, Dehradun

Complete Ethical Hacking Bootcamp at Zero To Mastery Academy

Vivek Bhatt

DevOps Engineer

Greater Delhi, Delhi, India1 yr 2 mos experience

Key Highlights

Certified eJPT with hands-on VAPT experience
Expertise in OWASP Top 10 and CVSS scoring
Published content on offensive security methodologies

Stackforce AI infers this person is a Cybersecurity Specialist focused on Penetration Testing and Vulnerability Assessment.

Contact

Skills

Core Skills

Penetration TestingVulnerability AssessmentApplication Security

Other Skills

Burp SuiteOWASP ZAPNmapRustScanSubfinderhttpxNiktoNucleiSQLMapOpenVASPostmanMobSFCorelliumWiresharktcpdump

About

Experience

1 yr 2 mos

Total Experience

1 yr 2 mos

Average Tenure

1 yr 2 mos

Current Experience

Medium

Self Blog(Offensive Security Researcher & Writer)

Mar 2025 – Present · 1 yr 1 mo · Remote

Publish educational content and tool walkthroughs focused on ethical offensive security, web and API testing, and vulnerability awareness. Contribute to the cybersecurity community by translating complex attack methodologies into practical learning material for professionals and students.
Researched and authored detailed articles on tools like Burp Suite, Nmap, FFUF, httpx, Nikto, Nuclei, and MobSF, explaining their setup, usage, and integration in penetration testing workflows.
Created content around OWASP Top 10 and CWE Top 25 vulnerabilities, providing real-world examples, lab demonstrations, and mitigation insights.
Designed step-by-step tool walkthroughs to help readers understand manual exploitation, input validation testing, and enumeration logic in web and API environments.
Analyzed vulnerabilities and misconfigurations from a researcher’s perspective to explain root causes and demonstrate secure coding practices.
Simplified advanced topics such as API abuse, insecure deserialization, and mobile security testing into accessible, beginner-friendly tutorials.
Maintained ethical and educational integrity in all publications, ensuring no client or confidential data was exposed.
Promoted community learning by documenting real testing approaches and automation ideas to improve workflow efficiency.

Burp SuiteNmapFFUFhttpxNiktoNuclei+2

Startup

2 roles

Penetration Tester (VAPT | Web, API, Network & Mobile Application Security)

Feb 2025 – Present · 1 yr 2 mos · Remote

Perform end-to-end Vulnerability Assessment and Penetration Testing (VAPT) across web apps, APIs, mobile apps, and network infrastructures, combining manual exploitation and automated scanning to identify and validate security weaknesses.
Executed black-box and gray-box assessments using Burp Suite (Community), OWASP ZAP, Nmap, RustScan, and Subfinder to map exposed assets and services, improving reconnaissance accuracy.
Leveraged Nmap (NSE) and OpenVAS for port scanning, service fingerprinting, and vulnerability detection, reducing false positives through manual verification.
Fingerprinted technologies using httpx, WhatWeb, and Wappalyzer to identify outdated components and misconfigurations for risk-based prioritization.
Conducted API testing via Postman and Burp Suite, identifying authorization and input validation flaws that improved API resilience.
Executed web vulnerability checks using Nikto, Nuclei, and SQLMap, validating exploitable issues aligned with OWASP Top 10 and CWE Top 25.
Performed static and dynamic mobile app testing using MobSF, Corellium, JADX, and APKTool to detect insecure storage and SSL misconfigurations.
Analyzed network traffic and DNS behavior using Wireshark, tcpdump, dnsrecon, and nslookup to strengthen segmentation and visibility.
Delivered CVSS v3.1 / CWE-mapped reports with reproducible PoCs and remediation guidance, achieving ~90% closure rate across projects.
Ensured ethical and professional testing practices, maintaining client data confidentiality and scope compliance.
Tools: Burp Suite, ZAP, Nmap, RustScan, Subfinder, httpx, Nikto, Nuclei, SQLMap, OpenVAS, Postman, MobSF, Corellium, Wireshark, tcpdump, CVSS v3.1, CWE, OWASP Top 10, Linux (Kali, Parrot, Ubuntu), Windows

Burp SuiteOWASP ZAPNmapRustScanSubfinderhttpx+16

VAPT Analyst Trainee

Mar 2024 – Jan 2025 · 10 mos · Remote

Supported senior penetration testers in performing web, API, and network vulnerability assessments, gaining hands-on experience with reconnaissance, validation, and structured reporting across diverse client environments.
Assisted in black-box and gray-box testing using Burp Suite, OWASP ZAP, Nmap, RustScan, Subfinder, and httpx to enumerate assets and detect common vulnerabilities.
Conducted web and API testing with Burp Suite, Postman, and Nikto to identify authentication, input validation, and misconfiguration issues.
Performed technology fingerprinting using WhatWeb and Wappalyzer to analyze web stacks and discover outdated components for targeted testing.
Supported network reconnaissance and analysis using dnsrecon, nslookup, and Wireshark to inspect DNS behavior, open ports, and service banners.
Participated in vulnerability verification by cross-referencing results from automated scans with manual validation to reduce false positives.
Drafted CWE-classified findings and CVSS-scored reports with proof-of-concept details under the supervision of senior testers.
Contributed to remediation retesting and client follow-ups, ensuring timely validation of security fixes.
Strengthened understanding of OWASP Top 10, CWE Top 25, and professional VAPT methodologies, building a solid foundation for advanced pentesting responsibilities.
Tools & Technologies:
Burp Suite, OWASP ZAP, Nmap, RustScan, Subfinder, httpx, WhatWeb, Wappalyzer, Nikto, Postman, dnsrecon, nslookup, Wireshark, CVSS v3.1, CWE, OWASP Top 10, CWE Top 25, Linux (Kali, Parrot, Ubuntu), Windows