Harshul Vaishnav

Harshul Vaishnav

Penetration Tester · Red Team Operator · Offensive Security Engineer

I am an OSCE3-certified penetration tester specialising in web and mobile assessments, with a strong focus on Active Directory. I combine deep manual testing with targeted automation to uncover high-impact issues and deliver remediation-first findings.

ExperienceCertificationsProjects
Active Directory SecurityWeb & API SecurityMobile App Security (Android/iOS)Red Team OpsInfrastructure SecurityAutomation (Python/Bash)Reporting & Remediation
Harshul Vaishnav

Highlights

A quick overview.

Offensive Security

  • Web & API assessments across modern auth
  • Android/iOS reviews with a data handling focus
  • Internal testing with Active Directory attack paths
  • Repro steps plus remediation first reporting

Certifications

  • OSCE3 track plus advanced OffSec coursework
  • Regular labs under realistic time pressure
  • Fundamentals plus defensive awareness
  • Practical exams backed by hands on work

Skills

  • AD enumeration, escalation and lateral movement
  • Web and mobile testing with repeatable automation
  • Clear reporting with retest ready guidance
  • Scripts and checklists for consistent delivery

Recent experience

View all

Penetration Tester

Mobisec

  • Led structured penetration tests across Android/iOS, web, APIs, internal networks and Active Directory.
  • Built small automations to speed up repeatable checks and expand coverage.

Researcher

Dhirubhai Ambani University

  • Designed privacy-preserving matching protocols (PSI, equality, wildcard) under realistic threat models.
  • Prototyped partial-matching variants using Paillier/FHE and validated correctness and edge cases.

Top certifications

View all

OffSec Certified Expert 3 (OSCE3)

OffSec

OffSec expert credential awarded after passing OSWE, OSEP and OSED. Validates advanced web testing, evasion tradecraft and Windows exploit development.

OffSec Exploit Developer (OSED)

OffSec

EXP-301 focuses on Windows user mode exploit development with debugging and reverse engineering. Covers DEP and ASLR bypass techniques and custom exploit building.

Selected projects

View all

Mobile Application Security Testing Automator

Offensive Security

Automation tool for Android and iOS testing with repeatable static checks and runtime probes. Produces a quick triage bundle that guides deeper manual work.

FridaPythonMobile App SecurityAutomation

Analysis of Return Oriented Programming (ROP)

Offensive Security

Study of ROP gadget discovery tools and automation workflows. Reviewed common defenses and where automation tends to break down.

Exploit DevelopmentROPReverse Engineering