Bhashit Pandya is an Information Security Professional with 4+ years of experience, specializing in Penetration Testing, Red Teaming – Physical engagements, and Security Training.

He has performed 300+ security assessments and provided training to more than 200 developers across the globe, covering Web and Mobile OWASP Top 10, server configuration review, and network penetration testing.

He has been invited by several colleges and government organizations to talk about Information Security and Open Source Intelligence.

Bhashit is fueled by his passion for web and network security. Alongside this, he is increasingly interested in exploring Social Engineering. He considers himself a ‘forever student’, eager to build his proficiency in security assessments and stay updated about the latest vulnerabilities and exploits.

He has contributed to several open source security communities like null, OWASP, and hcon. He has also helped establish the null chapter in Ahmedabad.

Bhashit’s hunger for knowledge and determination to turn information into action has contributed to his most recent success with HackerRank, where he contributed his knowledge to support their platform. Meanwhile, he has helped a Hong Kong-based healthcare start-up by successfully delivering their security assessment to achieve HIPAA compliance.


LinkedIn and Twitter

RCE post is featured on infosec writeups. https://weekly.infosecwriteups.com/iw-weekly-36-1-250eu-bounty-voip-spoofing-ssl-pinning-intercepting-proxy-xss-resources-signature-based-malware-detection-and-much-more/

Recon Methods:-

Part 1:- https://redsiege.com/blog/2020/02/recon-methods-part-1-osint-host-discovery/

Part 2:- https://redsiege.com/blog/2020/02/recon-methods-part-2-osint-host-discovery-continued/

Part 3:- https://redsiege.com/blog/2020/02/recon-methods-part-3-osint-employee-discovery/

Part 4:- https://redsiege.com/blog/2020/04/recon-methods-part-4-automated-osint/

Part 5:- https://redsiege.com/blog/2020/04/recon-methods-part-5-traffic-on-the-target/

#bugbountytips #infosecurity #cybersecurity

Here is a 2 min write-up of a classic RCE I recently discovered in one of the client’s applications.


#rce #pentesting #bughunting #bugbounty

📢 @NullAhm November Meetup 📢
November 20, 2022 09:45AM IST

Talk #1
Have you ever wondered how #emergency radio #communication works and how #secure it is? Krutik will give a live demo of radio communication and its security.