I'm a Cybersecurity Practitioner

I'm a Tech Enthusiast

I'm an Exploit Creator

I'm a CTF Player

Hello👋,Myself Hrishikesh Patra

Cybersecurity Analyst at a Big 4 Firm - Safeguarding the Digital Frontier

About Me

Identification

I'm Hrishikesh Patra, a Cybersecurity Professional

I specialize in securing Web and Android applications by identifying and mitigating risks through comprehensive vulnerability assessments and penetration testing. With a strong focus on safeguarding APIs and IT infrastructures, I analyze threats, prioritize vulnerabilities, and implement effective remediation strategies.

In addition to security assessments, I develop custom security tools, create proof-of-concept exploits, and perform in-depth malware analysis to enhance protection. I stay updated with the latest security trends and technologies, constantly improving my skills. Whether working in teams or individually, I thrive in dynamic environments, seeking to contribute my expertise and grow in a challenging cybersecurity role.

3+

Years Experience

10+

Certificates

80+

Hours of Courses

10+

Projects Done

Resume

Profile

Experience

February 2025 - Present

Security Analyst - 2

Ernst & Young Global Delivery Services (EY GDS), Kolkata

  • Conducting comprehensive Web Application and API Penetration Testing to identify security vulnerabilities.
  • Collaborating with development teams to remediate security issues and enhance application security.
  • Assessing and prioritizing vulnerabilities based on organizational business impact to minimize risk.
  • Leveraging OWASP Top 10 and industry best practices to ensure robust security assessments.
  • Executing manual penetration testing and automated source code analysis to uncover security flaws.
  • Designing and developing Capture The Flag (CTF) challenges and security labs inspired by real-world attack scenarios.

Centre for Development of Advanced Computing (C-DAC)

Deputed by ManpowerGroup Pvt. Ltd.

Kolkata, West Bengal, India

Assistant Information Security Analyst

May 2023 - February 2025

  • Was promoted for outstanding performance.
  • Mitigated 15 critical vulnerabilities, including payment bypass and RCE.
  • Conducted security tests on 20+ web applications and 15 APIs.
  • Identified 150+ vulnerabilities in alignment with the OWASP Top 10.
  • Audited 30 Android apps using MobSF, Frida, and Genymotion.
  • Ensured API security and delivered reports with a 70% closure rate.

Information Security Associate

March 2022 - April 2023

  • Conducted web and mobile application security testing.
  • Identified and prioritized vulnerabilities based on the OWASP Top 10.
  • Provided remediation guidance and ensured issue resolution.

Education

August 2022 - July 2024

Master of Computer Application

JAIN (Deemed to be University)

Full-time MCA - CS and IT  (Online Mode)[UGC & AICTE Approved]
Acquired skills of Web Development, Python, PHP, Networking, DBMS, Computer Programming, Project management, etc.

Grade: A (9.04 CGPA)

November 2020 - December 2022

Diploma

Indian School of Ethical Hacking (ISOEH)

Diploma in Cybersecurity
Acquired skills of C, Python, Networking, Cybersecurity, Ethical Hacking, Penetration Testing, etc.

Grade: A

July 2019 - July 2022

Bachelor Degree

University of Burdwan

Chandannagar Government Collage (Duplex College)

Grade: A (7.41 CGPA)

Passing Year - 2019

Higher Secondary

West Bengal Council of Higher Secondary Education

Kanailal Vidya Mandir (English Section)

Grade: A (71.2%)

Passing Year - 2017

Secondary

West Bengal Board of Secondary Education

Kanailal Vidya Mandir (English Section)

Grade: A (62%)

My Skills

Vulnerability Evaluation70%

Risk Mitigation64%

Web Application Security70%

Android Application Security65%

Report Writing55%

Python72%

JavaScript55%

PHP66%

SQL45%

Download CV

Certificates

Credentials

Want to Show Details?
Click Here
Want to Show Details?
Click Here
Want to Show Details?
Click Here
Want to Show Details?
Click Here
Want to Show Details?
Click Here
Want to Show Details?
Click Here
Want to Show Details?
Click Here
Want to Show Details?
Click Here
Want to Show Details?
Click Here
Want to Show Details?
Click Here
Want to Show Details?
Click Here

Interest

Avocations

Malware Analysis

Performs Malware analysis using static and dynamic techniques like sandboxing and reverse engineering to identify behaviors, functionality, and threat vectors and also safe handling and detonating of malware.

API Testing

Interest in API testing, especially REST APIs, to ensure the functionality and security of web services.

Custom Rom Building

Knowledge of building custom ROMs for Android devices, device trees, and system customization, to create unique user experiences.

Android App Reverse and Modification

I do Android app reverse engineering and modification I can analyse APK files, decompile code, and use tools such as Apktool, JD-GUI, and Frida to modify apps to enhance their functionality or bypass certain restrictions.

Capture the Flag (CTF)

As a CTF player, I possess a strong ability to solve complex cybersecurity challenges and think outside the box. I am highly skilled in areas such as cryptography, reverse engineering, and web exploitation.

My Works

Projects

Follina Exploiter (CVE-2022-30190)Available in GitHub 

A Command Line based python tool for exploit Zero-Day vulnerability in MSDT (Microsoft Support Diagnostic Tool) also know as 'Follina' CVE-2022-30190.

15+   10+ (On GitHub)

Android App Pentesting ChecklistAvailable in GitHub 

This repository contains a checklist of tasks and techniques that can be used to perform a comprehensive security assessment of an Android application.

3   1   1 (On GitHub)

WebPage Login BruteForceAvailable in GitHub 

A GUI tool for Brute Force Login in a web page with Python, hack accounts on any website with a good dictionary of words. Also brute force CSRF Token.

3   2 (On GitHub)

OWASP Top 10 for 2021 Practice GroundAvailable in GitHub 

OWASP21-PG is a practical lab for learning to identify and prevent web vulnerabilities, focusing on the OWASP Top 10 for 2021, with hands-on experience in all categories.

3   1   1 (On GitHub)

D-Dos Attack ScriptAvailable in GitHub 

A CLI Based Python3 Script For D-Dos Attack On Public IP Or Domain.

20+   5+ (On GitHub)

Stage ToolAvailable in GitHub 

A Steganography (LSB-Method) Tool For Hide-Unhide (Encode-Decode) Text From Image & Audio File. Also, Hide Image Behind An Image & Extract IT.

1 (On GitHub)

PastUSBAvailable in GitHub 

PastUSB is a powerful forensic tool for monitoring USB activity on Windows and Linux. It tracks device insertions and removals, provides device information, and helps detect unauthorized access.

1 (On GitHub)

Contact

Get in Touch

Address

Chandannagar, Hooghly
Kolkata
West Bengal, India