Hey, I'm

AJAYSEN R

Senior Offensive Security Consultant

I break into systems to keep them safe before attackers do

Let's Connect

About Me.

Get to know me better

Senior Offensive Security Consultant with 5+ years of experience in web, mobile, API, and cloud penetration testing. Ranked Top 300 globally on HackerOne with 100+ Hall of Fame acknowledgements from Apple, Google, Netflix, the United Nations, and more. Passionate about security automation and responsible disclosure.

5+

Years Experience

250+

Pentest Projects

100+

Hall of Fames

Top 300

HackerOne Global

Skills & Expertise.

Core competencies in offensive security, penetration testing, and security automation

Penetration Testing

Web Application
API (REST, GraphQL, SOAP)
External Network
Internal Network
Thick Client
Android
iOS

Security Tools & Frameworks

Burp Suite
Postman
Nessus
Qualys
Wireshark
Metasploit
BloodHound
Prowler

Scripting & Languages

Bash Scripting
Go

Experience.

My professional journey

Senior Offensive Security Consultant

Sep 2024 - Present

Siemba

  • Working with the product team as a security researcher, driving R&D on new security ideas and features.
  • Designing logic for an Autonomous DAST (Dynamic Application Security Testing) Scanner.
  • Building and enhancing the EASM (External Attack Surface Management) platform.
  • Conducting web application, API, and internal platform penetration testing engagements.

Offensive Security Consultant

Aug 2023 - Aug 2024

Siemba

  • Performed end-to-end penetration testing on web applications, REST, GraphQL, and SOAP APIs.
  • Conducted mobile application security assessments on Android and iOS platforms.
  • Executed cloud configuration reviews across AWS and Azure environments.

Cyber Security Analyst

Jan 2022 - Jul 2023

Deloitte

  • Delivered web application and API penetration tests for Fortune 500 clients across banking, healthcare, and retail.
  • Performed external network penetration testing to identify perimeter vulnerabilities and misconfigurations.
  • Assessed Android applications for OWASP Mobile Top 10 vulnerabilities.
  • Conducted thick client penetration testing on desktop applications using traffic interception and binary analysis.

Cyber Security Engineer

Feb 2021 - Dec 2021

Adcy.io

  • Performed web application and API penetration testing to identify security vulnerabilities.
  • Conducted internal network penetration testing to assess infrastructure security posture.

Security Researcher - Freelance

Nov 2020 - Present

HackerOne

  • Active bug bounty hunter ranked in the Top 300 researchers globally.
  • Identified and responsibly disclosed critical vulnerabilities across private and public programs.
  • Recognized with 28 Hall of Fame acknowledgements from HackerOne programs.

Security Researcher - Freelance

Dec 2019 - Aug 2020

Bugcrowd

  • Participated in public and private bug bounty programs, uncovering high-severity vulnerabilities.
  • Achieved P1 Warrior Level 3 and ranked in the Top 20 globally during Q2 2021.

Certifications.

Industry-recognized credentials in offensive security and penetration testing

eWPTXv2

eLearnSecurity Web Application Penetration Tester eXtreme

eLearnSecurity

Issued: 12/2023

BSCP

Burp Suite Certified Practitioner

PortSwigger

Issued: 11/2023

CRTP

Certified Red Team Professional

Pentester Academy

Issued: 07/2022

eJPT

eLearnSecurity Junior Penetration Tester

eLearnSecurity

Issued: 05/2021

CEH Practical

Certified Ethical Hacker Practical

EC-Council

Issued: 12/2020

CAP

Certified AppSec Practitioner

The SecOps Group

Issued: 12/2022

Achievements & Hall of Fame.

Recognition from global bug bounty platforms and industry-leading organizations

Global Acknowledgements

Apple
Google
Netflix
Sony
Grammarly
Mastercard
Dell
United Nations
Toyota
Basecamp
UK Gov
Blockchain
100+ more

HackerOne Rankings

  • Top 300 Researchers Globally
  • Ranked 1st in India - Q4 2023
  • Ranked 14th for Highest Reputation in India, 2023
  • Ranked 5th for Highest Critical Reputation Globally, 2021

CVE Published

  • CVE-2022-0942
  • Cross-Site Scripting (XSS) vulnerability discovered in showdoc - an open-source API documentation tool, enabling attackers to inject malicious scripts via crafted input.

Testimonials.

What people say about working with me

noobyboy is a professional and responsive reporter, accurately outlining vulnerabilities and helping to clarify any uncertainties. Their contributions are much appreciated.

Professional reporter with well-written reports.

Ajaysen R found a reflected cross-site scripting bug in one of our CGI scripts; this way he helped us improve the security of our website. He was really fast to react, and working with him was really a pleasure. We are grateful for the issues he made us aware of.

Really appreciate your help identifying an XSS on our website. Your responsible disclosure and example video allowed us to immediately find and correct the problem. Thank you for helping us keep the internet safe.

Get In Touch.

Whether you have a question about my work, want to discuss a penetration testing engagement, or just want to say hi, my inbox is always open.