Achievements

Certifications/Courseworks

• Certified DevSecOps Professional
• Kubernetes for the Absolute Beginners
• Golang Bootcamp
• Essential Threat Modelling
• SAST and Code Review for DevSecOps
• Application Security Foundations

CVEs

• CVE-2019-10349 - Stored XSS vulnerability in Dependency Graph Viewer Plugin
• CVE-2019-6804 - Rundeck Community Edition - Cross-Site Scripting
• CVE-2017-14618 - PHPMyFAQ 2.9.8 - Cross-Site Scripting
• CVE-2017-14619 - PHPMyFAQ 2.9.8 - Cross-Site Scripting
• CVE-2017-15284 - OctoberCMS 1.0.425 (Build 425) - Cross-Site Scripting
• CVE-2017-15878 - KeystoneJS 4.0.0-beta.5 - Cross-Site Scripting
• CVE-2017-15879 - KeystoneJS 4.0.0-beta.5 - CSV Excel Macro Injection
• CVE-2017-16807 - Kirby CMS < 2.5.7 - Cross-Site Scripting
• CVE-2017-18048 - Monstra CMS 3.0.4 - Arbitrary File Upload / Remote Code Execution
• CVE-2017-18049 - SilverStripe CMS 3.6.2 - CSV Excel Macro Injection

Presentations

• null Pune: Security Champions Program, Developer Education and Advocacy
• InfosecGirls Workshop: Web Application Security
• Garage4Hackers: Talk on CSV Injection Attacks

Vulnerability Publications

• ExploitDB
• SSD Advisory – Monstra CMS RCE

Vulnerability Acknowledgements

• Internshala
• ProjectSend
• Intel
• Zenmate
• Epic Privacy Browser
• Eduonix
• Eset
• GroSum