Β
Iβm Sachin Nishad, a passionate Offensive Security Professional pursuing a BCA in (Cloud & Security). I specialize in penetration testing, red teaming, and real-world threat simulation, with hands-on experience in lab environments, capture-the-flag (CTF) competitions, and responsible disclosures.
On a mission to solve real-world security challenges and help build safer digital ecosystems.
π Ranked Top 5% on TryHackMe | Active on HTB, CTFs
π Core Focus: Web Security, AD Exploitation, Red Team Operations
| Area Β Β Β Β Β Β Β Β Β Β Β Β | Skills/Tools Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β |
|---|---|
| π Web Pentesting Β Β Β Β Β | Identifying OWASP Top 10 issues, API flaws, authentication bypasses Β Β Β Β Β |
| 𧱠AD Exploitation      | Performing Kerberoasting, Pass-the-Hash, lateral movement           |
| π Network Attacks Β Β Β Β Β | Conducting scans with Nmap/Nessus, pivoting via Metasploit Β Β Β Β Β Β Β Β Β |
| π§ Linux Escalation Β Β Β Β | Exploiting misconfigs, SUIDs, vulnerable kernels Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β |
| π Bug Hunting Β Β Β Β Β Β Β | Recon, fuzzing endpoints, and submitting responsible disclosures Β Β Β Β Β Β |
| βοΈ Security Automation Β Β Β | Developing tools in Python/PowerShell for offensive use Β Β Β Β Β Β Β Β Β Β Β |
| π Report Writing Β Β Β Β Β | Documenting findings with risk ratings and actionable remediations Β Β Β Β Β |
π Pentest Codex β Offensive Security Notes
| Name Β Β Β Β Β Β Β Β Β Β | Description Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β |
|---|---|
| βοΈ ReconStorm Β Β Β Β Β Β | Automated tool for initial reconnaissance and footprinting, performing subdomain enumeration & port scanning. Β Β Β Β Β |
| π HTB-CPTS-Notes Β Β Β Β | Structured CPTS prep, offering comprehensive lab walkthroughs and key concepts. Β Β Β Β Β Β Β Β |
| π§° Bug-Bounty-Tools Β Β Β | A curated toolkit to streamline bug bounty workflows, including reconnaissance, directory brute force, and fuzzing. Β Β Β Β Β Β Β |
| π§ AD Attack Playbook Β Β | Collection of AD attacks + scripts to simulate realistic Red Team scenarios and understand common exploitation paths. Β Β Β Β Β Β Β Β Β Β Β |
| 𧱠Sysinternals Suite  | Curated toolkit for Windows exploitation, live analysis, and post-exploitation.      |
Offensive Security
- π‘οΈ eJPT β INE eLearnSecurity Junior Penetration Tester
- π― CPTS β (In Progress) Hack The Box Certified Penetration Testing Specialist
Defensive & Cloud
- βοΈ ICCA β INE Certified Cloud Associate
- π CNSP β Certified Network Security Practitioner (SecOps)
Other Notables
- π§ C3SA β Certified Cyber Security Analyst (CyberWarFare Labs)
- π§° EHE, TryHackMe Jr. Pentester Cert
- 𧨠OSCP Labs β Buffer overflows, privilege escalation, pivoting
- π Advanced Web β Business logic flaws, SSRF, SSTI, deserialization
- 𧱠AD Red Teaming β DCSync, ACL abuse, domain persistence
- βοΈ Cloud Hacking β AWS, Azure, GCP
- π³ Container Security β Privilege escalation in Docker/K8s
π Recon | π₯οΈ AD Misconfigs | βοΈ Cloud Exploits | βοΈ Python Automation | π§ͺ Lab Setup
- Email: sachinnishad.ceh@gmail.com