Skip to main content
@harshinsecurity
Harsh Kumar character illustration
Hi, my name is

Harsh Kumar

A Cyber Security Enthusiast Building Forts, Not Just Breaking Doors!

Ever wondered who's watching your back in the digital jungle? That’s where we come in, swinging from line to line of code like a cybersecurity Tarzan! 🌐🦁


By day, I’m cracking codes and fortifying digital defence as a cybersecurity engineer. It's not just about breaking in; it’s about building digital moats so deep that even dragons would think twice! 🐉🛡️ When the workday ends, I don’t just kick back; I thrive into bug bounty like a cyberPunk, seeking vulnerabilities wherever they may hide. 🕵️‍♂️💰


But life isn’t just about bits and bytes; it’s also about chasing the wind on two wheels. You’ll catch me every Sunday morning, pushing the limits of speed and thrill on my bike, leaving no road unexplored and no speed limit untested! 🚴‍♂️💨


When I'm not deep in the hunt, you'll find me diving into self-help and business books, absorbing insights faster than a security algorithm processing encrypted data! 📚💡 I also thrive on building connections, smashing sixes on the cricket field, acing volleyball serves, and exploring our world with the curiosity of a cybersecurity explorer. 🏏🏐🌍

Hit Me Up!

Who am I?

Harsh Kumar profile picture

With 3+ years of comprehensive experience in web security, I have honed my skills in web security. In addition to my hands-on experience in web security, my bug bounty passion has played a critical role in providing a strong foundation for my career.

Here is my professional background.

Cyber Security Engineer

Tekion Corp | Jan 2023 ~ Present
  • Lead efforts in identifying and resolving security issues, implementing advanced measures like threat modeling and automation tools.
  • Optimized Product Security Clearance process and conducted a developer bootcamp to enhance cybersecurity awareness.

Bug Bounty Hunter

Bugcrowd, HackerOne, Intigriti & YesWeHack | 2018 ~ Present
  • Discovered critical bugs for numerous multinational corporations and featured in the Hall of Fame for Apple, Google, Microsoft, and over 30 other MNCs.

Security Services Associate

Synopsys | Feb 2022 ~ Jan 2023
  • Conducted comprehensive security assessments for diverse sectors, led VAPT for a Fortune 500 Telecom Giant.

Blog

I write blog posts about what I've learnt and what I'm learning as a documenting practice. Here are some of my recent blog posts.
Read all blog posts

Featured Projects

"Actions speak louder than words. Witness the proof? I've got your back.
Stay tuned for a series of captivating personal projects on the horizon!"
Project image

SentinelSSH

SentinelSSH: Advanced CVE-2024-6387 Vulnerability Scanner is an advanced, high-performance SSH vulnerability scanner written in Go. It's specifically designed to detect the CVE-2024-6387 vulnerability in OpenSSH servers across various network environments.

  • ssh
  • exploit
  • openssh
  • bug-bounty
  • SentinelSSH
  • bounty-hunter
  • cve-2024-6387
Project image

Resolver

A high-performance, concurrent DNS resolver tool written in Go. This tool efficiently resolves domain names to IP addresses, handling various URL formats and providing flexible output options.

  • resolver
  • bug-bounty
  • bounty-hunter
Project image

One Liner

The main goal is to share tips from some well-known bug hunters. Using recon methodology, we can find subdomains, APIs, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters.

  • one-liner
  • bug-bounty
  • bounty-hunter
Project image

MantraMatch

MantraMatch - A Go-powered tool for security engineers to swiftly identify and verify unknown API keys. It analyzes keys against a comprehensive service database, detecting potential threats and unauthorized access. Enhance your API security posture with rapid assessment of key origins, validity, and associated risks.

  • bug-bounty
  • MantraMatch
Project image

xploitfree-scanner

An Automated Multi-Tool Web Application Scanner. It is quite a mess for a pentester to perform binge-tool-scanning (running security scanning tools one after the other) sans automation. Unless you are a pro at automating stuff, it is a herculean task to perform binge-scan for each and every engagement. The ultimate goal of this program is to solve this problem through automation; viz. running multiple scanning tools to discover vulnerabilities, effectively judge false-positives, collectively correlate results and saves precious time; all these under one roof. Enter Xploitfree scanner.

  • bug-bounty
  • bounty-hunter
  • xploitfree-scanner
Other projects can be explored in my github profile

Contact

Let's be awesome together!

As a cybersecurity enthusiast, I thrive on hacking and overcoming new challenges. If you're interested in collaborating or creating something great, don't hesitate to get in touch!

Get in touch!