Aayush Pantha
Driven Cybersecurity Researcher & Penetration Tester specializing in web and network security, Active Directory exploitation, and adversary simulation. Experienced in collaborating with 20+ global vendors including Palo Alto, Fortinet, AWS, Cloudflare, Check Point, Sophos, and others — testing products such as WAF, ACFW, SASE, and EDR solutions.
Introduction
About Me
I'm a cybersecurity researcher with a passion for offensive security operations and advanced threat research. With a Bachelor's degree in IT Security and Networking, I've built expertise across the entire security spectrum.My career has been defined by hands-on experience in red team operations, penetration testing, and security tool development. I've worked extensively with enterprise security solutions and led security assessments for organizations across multiple industries.
Currently at Vairav Technology since July 2023, I continue to push the boundaries of offensive security research while mentoring junior security professionals and delivering technical training to clients.
Competencies
Technical Skillset
This section provides a visual and detailed overview of my technical capabilities. The chart highlights my proficiency across key cybersecurity domains, demonstrating a balanced expertise in both offensive and defensive disciplines. Below, you'll find a categorized list of the primary tools and technologies I leverage to secure digital environments.
Offensive & Red Team
OWASP Top 10, Web App Pentesting, API Pentesting, Network Pentesting, Metasploit, Cobalt Strike, Burp Suite, Postman, Nmap, PowerShell Empire, Wireshark
Defensive & Blue Team
SIEM/SOC Tech (Splunk), Malware Analysis, Incident Response, Firewall Configuration (Palo Alto, Fortinet)
Leadership & Soft Skills
Team Leadership, Client Training, Intern Mentorship, Technical Communication, Strategic Planning
Portfolio
Impactful Project Case Studies
Here are highlights from some of my recent engagements. Each project demonstrates a real-world application of my skills, following a structured approach to identify challenges, implement solutions, and deliver measurable results. Click on any project to explore the detailed case study.
Credentials
Certifications & Education
My expertise is backed by industry-recognized certifications and a strong academic foundation. This section highlights my credentials, which validate my skills in both practical, hands-on offensive security and broader enterprise security architecture.
CRTP
Altered Security
Active Directory Attack-Defense Lab.
CASA
APISEC University
API security threats, risks, and best practices
ACP
APISEC University
API security expertise.
C3SA
CyberWarFare Labs
Foundational skills in web, network, OS, and cloud security.
Bachelor of Technology
IT Security and Networking
Comprehensive foundation in network architecture and security principles.
Partnerships
Strategic Technology Alliances
Throughout my career, I have collaborated with leading technology vendors to implement, test, and secure complex enterprise environments. This experience demonstrates my ability to work within diverse ecosystems and leverage industry-standard solutions to enhance security posture.
Opportunity
Why Hire Me?
This section provides a concise overview of my professional qualifications, experience, and key strengths, serving as a quick reference for potential employers and collaborators.
Professional Summary
- Experienced Cybersecurity Researcher specializing in offensive security and strategic defense.
- Proven track record in web application, API, Network, and next-generation firewall protection.
- Skilled in both red team tactics (e.g., Cobalt Strike, Metasploit) and blue team analysis (e.g., malware analysis, SIEM/SOC).
- Adept at leading teams, mentoring interns, and providing technical training to clients.
- Collaborative professional with experience working with leading vendors like Fortinet, Microsoft, and AWS.
Key Skills
Work Experience
Mid-Level Security Research Analyst
SecureIQLab | May 2025 – Present | Full-time
- Conducted advanced penetration testing on web applications, networks, and Windows environments, focusing on Active Directory exploitation.
- Collaborated with 20+ global vendors (Palo Alto, Fortinet, AWS, Cloudflare, etc.) to test WAF, ACFW, SASE, EDR, and enterprise browser solutions.
- Developed and maintained The Fallen Gaze C2 framework for adversary simulation, automating post-exploitation workflows with Python/PowerShell.
- Conducted threat simulations aligned with MITRE ATT&CK, identifying gaps and providing actionable remediation.
- Mentored junior analysts and delivered security awareness programs.
Associate Security Research Analyst
Vairav Tech | Nov 2023 – Jun 2025 | Full-time
- Conducted VAPT assessments for clients, covering web apps, networks, and cloud environments.
- Contributed to the creation of security assessment tools and scripts for vulnerability scanning and exploitation.
- Documented findings in detailed technical reports, highlighting risk impact and remediation.
- Participated in red team exercises simulating real-world adversaries using MITRE ATT&CK techniques.
Security Research Analyst (Internship)
Vairav Tech | Jul 2023 - Oct 2023 | Internship
- Assisted senior analysts in web application penetration testing and network security assessments.
- Supported threat hunting and malware analysis labs, identifying potential attack vectors.
- Gained hands-on experience with enterprise security tools and frameworks.
Education
Bachelor in IT Security and Networking
London Metropolitan University
Ready to discuss your security needs?
Contact Me DirectlyInsights
My Blog
Explore my thoughts and research on various cybersecurity topics, from offensive techniques to defensive strategies and industry trends.