offensive security operator / senior appsec consultant

Aditya Sharma

aka assassin_marcos

I map attack surfaces, exploit what matters, and turn findings into clear remediation plans for engineering teams.


Aditya Sharma is an experienced ethical hacker and cybersecurity researcher with 10+ years of expertise in safeguarding digital environments from evolving threats. Known in the hacking community as assassin_marcos, he is one of India's top bug bounty hunters and penetration testers.

Recognized by industry leaders including Google, Microsoft, Adobe, Intel, Sony, Dell, Mastercard, Philips, Nokia, AT&T, Okta, HubSpot and dozens more for responsibly disclosing critical security vulnerabilities.

He is currently a Senior Cyber Security Consultant at REOFT Technologies, where he performs penetration testing and vulnerability assessments, manages security teams, and collaborates with global organizations to strengthen their cybersecurity defenses.

Location: New Delhi, India
Focus: Offensive Security & VAPT
Languages: English, Hindi
Availability: Open for engagements

Core Skills

VAPT
Penetration Testing
Network Security
API Testing
Mobile Security
Reverse Engineering
Cloud Security
Python / Bash

Tools

Burpsuite Metasploit Nuclei FFuf Wireshark Amass Dirsearch TheHarvester Nmap SQLMap

Hall of Fame

Recognized by 200+ organizations for responsible vulnerability disclosure

Google, Microsoft, Adobe, Intel, Sony, Dell, Mastercard, Nokia, AT&T, Philips, Okta, HubSpot, Bugcrowd, HackerOne, US DoD
CVE

CVE-2020-24416

Critical vulnerability discovered in Adobe InDesign. Reflected XSS via crafted URL leading to session hijack.

CRIT

Critical Disclosure

Critical security vulnerability discovered in MindGeek/Pornhub infrastructure and responsibly disclosed.

200+

Global Recognition

Hall of Fame from Fortune 500 companies, government agencies, and top bug bounty platforms worldwide.

Conferences

BSides Ahmedabad: 2022, 2023
OWASP Seaside: 2020, 2023
Nullcon Security: 2020, 2022
BSides Delhi: 2021
United Conf. on Cyber Space: 2020 (Core Team)

Work Experience

Jan 2024 — Present

Cyber Security Consultant (Freelance)

REOFT Technologies Pvt. Ltd. — Indore, India
  • Performing penetration testing and vulnerability assessments, identifying and mitigating system weaknesses in hotel industry networks
  • Managing a team of four, along with project pitching and client acquisition
  • Collaborating with global organizations to identify and resolve system vulnerabilities, strengthening their cybersecurity defenses
Jan 2017 — Present

Cybersecurity Researcher (Bug Bounty)

Bugcrowd — Delhi, India
  • Active bug bounty researcher on Bugcrowd platform, identifying critical vulnerabilities across enterprise targets
  • Excellent communication in reporting vulnerabilities and collaborating with security teams
Mar 2016 — Present

Cybersecurity Researcher (Bug Bounty)

HackerOne
  • Utilized ethical hacking techniques to simulate cyber threats via penetration testing and code reviews
  • Followed responsible disclosure practices, collaborating with organizations to ethically resolve vulnerabilities
  • Prepared clear vulnerability reports, translating technical details for diverse audiences
  • Worked closely with clients to assess security needs, delivering customized solutions
Sep 2021 — Sep 2022

Cyber Security Analyst (Remote)

SpyderAuth Security Pvt. Ltd. — Jaipur, India
  • Performed penetration testing and vulnerability assessments on systems and networks
  • Conducted security audits to ensure compliance with industry standards and regulatory frameworks
  • Created comprehensive security reports with actionable recommendations for management
  • Consulted for global enterprises, improving cybersecurity measures resulting in 30% decrease in incidents

Featured Projects

Tools & platforms I'm building in the offensive security space

Open Source

PortWave

Hybrid IPv4/IPv6 port scanner + httpx + nuclei recon pipeline

A high-performance recon CLI that chains fast port discovery into HTTP probing and Nuclei templating. Adaptive concurrency control (~1500 probes), ASN/CIDR/IP range expansion, configurable port lists, and a two-phase scan (discovery + enrichment) tuned to avoid ephemeral-port exhaustion on long scans. Built for pentesters who live in the recon stage.

Rust httpx Nuclei IPv6 Recon
Building

RetroHack

SaaS Attack Surface Management & Offensive Recon Framework

A full-stack offensive security platform that automates external attack-surface discovery, asset enrichment, and continuous vulnerability monitoring for organizations. Modular blueprint architecture covering subdomain & JS intel, XSS/SSRF/redirect engines, supply-chain & cloud checks, mobile, leaks, code scan, compliance, OSINT and more — backed by Redis caching, a circuit-breaker layer, role-based access control, and AI-assisted triage modules. Currently in active development with a Go performance migration underway.

Python Flask Go PostgreSQL Redis WebSocket SaaS

How I Work

A transparent, four-stage engagement — from first call to final retest

01

Scoping & Recon

Kick-off call to align on scope, rules of engagement, and success criteria. Passive + active reconnaissance, asset mapping, and threat modelling to build an attacker's view of your surface.

02

Exploit & Validate

Hands-on testing against your scope — OWASP/PTES methodology, manual business-logic review, chained exploits. Every finding is proof-of-concept validated to guarantee zero false positives.

03

Report & Debrief

Executive summary for leadership, technical writeup with PoC steps for engineers, CVSS-scored risk ratings, and prioritised remediation guidance. Live walkthrough call with your team.

04

Retest & Sign-off

After your team ships fixes, I retest every finding at no extra cost and issue a clean-bill-of-health letter — useful for compliance audits, SOC2, and customer due-diligence.

What Clients Say

Recommendations from clients and peers on LinkedIn

I highly value the professionalism and expertise of Aditya Sharma in the field of information security. His effective work in identifying vulnerabilities in our infrastructure has significantly improved our defense against cyber threats. I recommend Aditya Sharma as a reliable information security specialist.
Vladimir Fadeev
Client · December 2023
Good penetration tester, good work.
Roman Yaryzhenko
DevOps Team Lead / Infrastructure Architect
Client · April 2024
Aditya and I worked on some projects while testing and learning. His strategy for completing tasks is very awesome and sharp. Hoping to do more work with Aditya Sharma.
Aditya (PreGen AI)
Bug Bounty Hunter & Trainer · Top 100 @Bugcrowd
Peer · August 2020

Pentest Services

Web Application Pentest

Comprehensive OWASP Top 10 assessment, business logic testing, authentication bypass, privilege escalation, and API security review.

  • OWASP Top 10 coverage
  • Business logic flaws
  • Auth & session management
  • Detailed remediation report
Starting from $3,000 USD

Network Penetration Testing

External and internal network assessments. Active Directory exploitation, lateral movement, and privilege escalation chains.

  • External / internal scope
  • Active Directory attacks
  • Lateral movement chains
  • Firewall & segmentation review
Starting from $7,500 USD

Mobile Security Testing

Android and iOS application security assessment. Static & dynamic analysis, API hooking, SSL pinning bypass, and data storage review.

  • Android & iOS apps
  • Static & dynamic analysis
  • API hooking & tampering
  • Data leakage review
Starting from $2,500 USD

Vulnerability Research

Deep vulnerability research, CVE discovery, and responsible disclosure. Reverse engineering and exploit development.

  • CVE discovery & disclosure
  • Reverse engineering
  • Exploit development
  • Zero-day research

API Security Testing

REST, GraphQL, and gRPC API assessments. Broken object-level authorization, rate limiting, injection, and data exposure testing.

  • REST / GraphQL / gRPC
  • BOLA & BFLA testing
  • Rate limit & injection
  • Data exposure review

Cloud Security Assessment

AWS, GCP, and Azure security posture review. IAM misconfigurations, S3 bucket exposure, serverless function abuse.

  • AWS / GCP / Azure
  • IAM & policy review
  • Storage exposure audit
  • Container & serverless security

Senior-level rates reflecting 10+ years of offensive security experience and 200+ Hall of Fame recognitions. Every engagement includes scoping, retest, and a detailed remediation report — no hidden fees.

Get in Touch

Need a penetration test? Have a security concern? Let's talk.

Response time: Usually within 24 hours.
NDA: Available upon request before engagement.

Share the target type, approximate scope, timeline, and whether an NDA is needed. Required fields are enough to start.

Avoid secrets or production credentials. High-level scope is enough for the first reply.