Himank Jain

Application Security Engineer | LPT(M) | CPENT | CEH(M) | Bug

Bounty Hunter | CTF Player
jainhimank1004@gmail.com New Delhi, India +91 9818818841 LinkedIn

Github Youtube

SKILLS
Penetration Testing Techniques Tools and Software Others
Web Application Pentesting OSINT Burpsuite Bug Bounties
SAST and DAST Attack Surface Identification Postman Risk Analysis
Basic Knowledge of: OWASP Top 10s Accunetix Risk Management
Android Pentesting Business Logic Flaws Metasploit Security Operations Centre
API Pentesting Manual Pentesting Nmap (SOC)
Infrastructure Pentesting Nessus Security Information and
Maltego Event Management (SIEM)
Alienvault Development Languages:
SentinelOne C, C++, Python
HTML, CSS, JS

PROFESSIONAL EXPERIENCE
Application Security Intern Feb 2024 – Present | Bangalore, India
Finesse IT Labs Private Limited
Conducting web app pen-testing and documentation for various clients in the Middle East.
•

Learning Incident Response, Malware, Ransomware, Log Monitoring, and SIEM integration, like SentiOne and Alienvault
•

Handling API Pentesting and API Incident Response Management.

•

Application Security Intern Jun 2023 – Jan 2024 | Remote

Deloitte TTI-LLP
Conducted security assessments and produced pentest reports for globally recognized companies.
•

Executed comprehensive Web App, Android, API, and Infrastructure pentesting activities.
•

Identified and remediated 50+ critical vulnerabilities, ensuring a robust security framework.
•

GIT GRC Intern Jul 2022 – May 2023 | Noida, India

HCLTech
Conducted internal network segregation audit and risk analysis for various lines of business.
•

Was responsible for implementing policy and process.

•

Developed reporting metrics, dashboards, and evidence artifacts.

•

Project Intern Oct 2021 – Nov 2021 | New Delhi, India

Innobuzz Learning Solutions LLP
Oversaw the security assessment of internal web applications and dashboards.
•

Additionally, I completed two projects as part of my internship objectives:

•

Password Analyzer
•

Packet Sniffer
•

Intern Jun 2021 – Jul 2021 | Gurugram, India

Gurugram Police Cyber Security Summer Internship
Conducted cyber analysis to examine data, patterns, and trends, deriving insightful conclusions.
•

Explored cyber laws and ethics, delved into the mindset and code of conduct of cybercriminals.
•

EDUCATION
Bachelor's of Technology ( Computer Science Engineering ) Jul 2020 – Jun 2024
Bhagwan Parshuram Institute of Technology (GGSIPU)
CGPA : 8.8

Advanced Diploma in Information Security May 2020 – Aug 2021

Innobuzz Learning Solutions LLP
CGPA : 9.6
 ACHIEVEMENTS
Hall Of Fame by Inflectra.com Mar 2021
Conducted web app security testing and earned Hall of Fame recognition for reporting a bug.
•

CERTIFICATES
MITRE ATT&CK Windows MITRE ATT&CK PowerShell MITRE ATT&CK Data The Absolute Beginners
Command Shell Encrypted for Impact Guide to MITRE ATT&CK
Cert ID: Cert ID: Cert ID: Cert ID:
65c35e8f7863487cc302e1f6 65c35b83ac3d378f5801f999 65c34c12dd1ff9c069043856 65c352ba45836b1d050caaf6
Date: 7th Feb 2024 Date: 7th Feb 2024 Date: 7th Feb 2024 Date: 7th Feb 2024

Certified Cyber Security LPTv1 - Licensed CPENTv1 - Certified CEH v11 (Master) -
Mentor Penetration Tester Penetration Tester Certified Ethical Hacker
Amongst various talented Cert ID : ECC1853709462 Score : 94% Cert ID : ECC0914753286
individuals, I was nominated Valid Till : June 2025 Cert ID : ECC5609421837 Valid Till : November 2024
for the mentorship program Valid Till : June 2025
by the EC Council. CEHv11 (Theory) - Innobuzz Certified
Certified Ethical Hacker Innobuzz Linux Security Information Security
CEHv11 (Practical) - Score : 82.4% Expert Expert ( CISE )
Certified Ethical Hacker Cert ID : ECC1692783045 Cert ID : CISE-31416 Cert ID : CISE-31416
Score : 86% Valid Till : September 2024 Valid Till : August 2024 Valid Till : August 2024
Cert ID : ECC3856749012
Valid Till : November 2024 Innobuzz Certified
Vulnerability Analyst
Innobuzz Certified System Cert ID : CISE-31416
Security Expert Valid Till : August 2024
Cert ID : CISE-31416
Valid Till : August 2024

PROJECTS
AzonHarvest Apr 2024
Amazon Web Scraper
It is an Amazon Web Scraper that is capable of gathering product name and price from different Amazon domains worldwide
•

by using the ASIN number.

Throughout the project's implementation, a variety of Amazon security issues were found, but they were handled graciously.
•

Implemented a number of exceptions checks and effectively encompassed them.

•

ChipSense Apr 2023

Casino's Cash Chip Management System
It's a cash chip management system for a well-known casino in Goa, India, with a user interface and database connectivity.
•

Every chip withdrawal and deposit, including the amount per individual, account limit, and the date and time, is
•

automatically recorded.
Later on, the relevant authority will examine the records to ensure financial compliance.
•

KeyKatcher Jan 2022 – Mar 2022

The Simplified Keylogger
A Python project that captures keystrokes from the victim's keyboard and forwards them to the attacker's email.
•

The future scope includes:

•

Accessing webcam and microphone.

•

Capturing the victim's system information (IP address, MAC address, etc.)
•

Lateral Movement & Performing CRUD operations on the victim's file system.
•

Accessing the victim's browser history and cache memory to steal cookies.
•

Sniffit Oct 2021

Network Packet Sniffer
A Python packet sniffer intercepts network packets and performs MITM attacks.
•

Perform packet dissection to reveal Ethernet frame, MAC and IP addresses, IPv4 specifics, and protocol with ports.
•

P4ssw0rd-An4lys3r Aug 2021

Password Analyzer & Manager
Created a Python-based password analyzer/manager following IBM's policy.
•

Verifies passwords against preset rules, rejects non-compliant ones and offers suggestions.
•

Stores accepted passwords in encoded form for later use.

•