Penetration Testing · Vulnerability Research · Bug Bounty
I break things to understand how they work, then document what I find. Ranked top 8% on TryHackMe, active bug bounty hunter on HackerOne, and published room contributor. Building offensive security skills one exploit at a time.
I'm a self-taught cybersecurity researcher based in Kerala, India. My journey into security started with a curiosity about how systems fail — and turned into a full commitment to offensive security, vulnerability research, and penetration testing.
With 4+ years in technical support and implementation for US-based SaaS clients, I understand enterprise environments from the inside. Now I apply that knowledge to find and exploit weaknesses in them. I run the Garuda Vault security research brand and create content to make cybersecurity accessible to beginners.
Authored and published an original beginner-level Linux forensics room on TryHackMe under the Garuda Vault brand. Designed the vulnerable environment from scratch, built the scenario, and wrote guided documentation.
Active bug bounty hunter on HackerOne (garudavault). Conducting web application security assessments on production targets — identifying IDOR vulnerabilities, unauthenticated data exposure, and API misconfigurations.
Conducted a full infected hard drive recovery for a small business. Performed forensic imaging (dd/gzip), malware scanning with ClamAV (Sality, Pioneer, Ramnit), read-only evidence mounting, drive sanitization, and delivered SOPs.
Completed advanced rooms including full attack chains: reverse shells, credential brute-forcing, SSRF exploitation, webshell deployment, hash cracking, PAM abuse, PHP cookie forgery, and Python oracle attacks.
Open to cybersecurity roles, collaboration on security research, or just a conversation about breaking things.
soorajcodes@gmail.com