Harshit Negi

Bug Bounty Hunter | Penetration Tester | VAPT Analyst

Talent

HaldwaniMember since 29 May 2026

ReconnaissanceExploitationPrivilege EscalationPost-ExploitationSQL InjectionXSSIDORCSRFSession HijackingOWASP Top 10Burp SuiteMetasploitNmapOWASP ZAPNiktoBloodHoundImpacketWiresharkActive DirectoryPythonVAPT Reporting

Hire this person

Send a job offer directly to this candidate

ReconnaissanceExploitationPrivilege EscalationPost-ExploitationSQL Injection

About

Results-driven Penetration Tester and VAPT Analyst ranked in the Top 8% globally on TryHackMe, with 50+ cybersecurity labs completed and 35+ vulnerabilities identified and responsibly disclosed. Experienced in web and network penetration testing including reconnaissance, exploitation, privilege escalation, and professional VAPT reporting. Skilled in Burp Suite, Metasploit, Nmap, Wireshark, and OWASP ZAP. Active bug bounty hunter on HackerOne and Bugcrowd.

Experience

Cybersecurity Intern - Codec Technologies Pvt. Ltd

(2025-09 - 2025-10)

Black-Box & Grey-Box Pentesting

Identified 12 vulnerabilities (SQLi, XSS, Session Hijacking, Auth Bypass) via black-box & grey-box web app pentesting using Burp Suite and Metasploit with PoC demonstrations.
Executed full-cycle VAPT lifecycle — reconnaissance, enumeration, exploitation, privilege escalation, and post-exploitation — across web and internal network environments.
Delivered structured VAPT reports with CVSS severity ratings, risk assessment, and remediation recommendations.

Cybersecurity Analyst Intern - Oasis Infobyte

(2025-03 - 2025-04)

Vulnerability Assessment & Reporting

Identified and triaged 15+ vulnerabilities through automated and manual assessments using OWASP ZAP and Nikto across multiple web environments.
Validated privilege escalation and lateral movement scenarios to assess security control effectiveness in simulated environments.
Reported security findings to stakeholders, improving vulnerability visibility and accelerating remediation pipelines.