┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ ┃
┃ 🛡️ Certified Junior Penetration Tester (eJPT) with expertise in ┃
┃ offensive security, web application security (VAPT), and ┃
┃ vulnerability research. ┃
┃ ┃
┃ 🎯 Recognized in Bug Bounty Hall of Fame (NASA, Ulta Beauty, ┃
┃ Dreamscape Networks) for responsible vulnerability disclosure. ┃
┃ ┃
┃ 🚀 Active CTF player on Hack The Box, TryHackMe & PortSwigger Labs ┃
┃ with hands-on experience in real-world security challenges. ┃
┃ ┃
┃ 💡 Passionate about Red Teaming, Network Security, OSINT, and ┃
┃ building open-source security tools for the community. ┃
┃ ┃
┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
Preparing for Active Directory Red Team Specialist certification — focusing on AD exploitation, lateral movement, and privilege escalation. |
Actively hunting on Bugcrowd, HackerOne & Intigriti, specializing in OWASP Top 10, IDOR, SSRF, and business logic vulnerabilities. |
Developing open-source security tools — OSINT platforms, recon frameworks, and automated vulnerability scanners. |
|
Recognized by leading organizations for responsibly identifying and disclosing critical security vulnerabilities.
These recognitions reflect commitment to ethical hacking and responsible disclosure practices that protect thousands of users. 
|
🔐 Industry Certifications
| Certification | Issuer | Date | Credential ID | Status |
|---|---|---|---|---|
| eJPT — eLearnSecurity Junior Penetration Tester | INE | Nov 2025 | 164839576 |
✅ Verified |
| EHE — Ethical Hacking Essentials | EC-Council | Aug 2024 | 350242 |
✅ Verified |
| OWASP Top 10 2021 | Cybrary | Aug 2024 | CC-bdfa51c8 |
✅ Verified |
| SQL Injection: Attacks & Defense | EC-Council | Jun 2024 | 339330 |
✅ Verified |
| Cybersecurity & Privacy | NPTEL | Nov 2024 | NPTEL24CS121S1050101544 |
✅ Verified |
🎯 Platform Certifications & Training
| Program | Platform | Date | Focus Areas |
|---|---|---|---|
| Jr. Penetration Tester | TryHackMe | Aug 2024 | Network Security, Metasploit, Burp Suite |
| Cyber Security Internship | InternsElite | Aug 2024 | Recon, Social Engineering, Malware Analysis |
| Web Fundamentals | TryHackMe | Aug 2024 | Web Application Security |
| Pre Security | TryHackMe | Jul 2024 | Fundamentals |
| Introduction to Cybersecurity | TryHackMe | Jun 2024 | Core Concepts |
|
Python — Expert Automation, Exploits, Tools |
Bash — Advanced Shell Scripting, Enumeration |
JavaScript — Intermediate XSS, DOM Analysis |
C/C++ — Intermediate Buffer Overflow, Exploits |
SQL — Advanced SQLi, Database Exploitation |
| Tool | Description | Stack | Links |
|---|---|---|---|
🕵️ SurfaceHunter
|
Advanced OSINT & Recon Automation Platform • 250+ Pre-built Google Dorks • 24+ Vulnerability Categories • OWASP Top-25 Parameter Scanner • 150+ High-Risk URL Parameters • Automated Query Generation • Bug Bounty Optimized Workflow • Zero Configuration Required |
HTML5 / CSS3 / JavaScript Client-Side · No Backend |
 
|
🎯 ThreatMatrix
|
Comprehensive Security Assessment Framework • Vulnerability Research Dashboard • Threat Intelligence Aggregator • Automated Security Scanning • Multi-Vector Attack Simulation • Real-Time Threat Monitoring • CVE Database Integration • Professional Reporting Module |
HTML5 / CSS3 / JavaScript Client-Side · API Integration |
|
| Initiative | Details |
|---|---|
| 🐛 Bug Bounty |
Active on Bugcrowd · HackerOne · Intigriti · YesWeHack Focus: Session Management, Authentication Flaws, IDOR, SSRF, Business Logic  
|
| 🔬 Security Research |
• Session Management Vulnerabilities & Exploitation Techniques • Advanced SSRF in Cloud Environments (AWS, Azure, GCP) • Authentication Bypass in Modern Web Frameworks • API Security & GraphQL Exploitation • OSINT Automation & Intelligence Gathering  
|
| 🎮 CTF Participation |
Hack The Box (Rank: Hacker) · TryHackMe (100+ rooms) · PortSwigger Labs (50+ labs) 
|
| 📚 Content Creation |
Technical write-ups on Medium · Open-source tools on GitHub · Video tutorials on YouTube Topics: Web security, OSINT techniques, tool development, CTF walkthroughs 
|
 Portfolio |
 |
 GitHub |
 Medium |
 Twitter/X |
 |
 YouTube |
 |
Known As: dharmstm · dharmendrastm · dharmendracyberhacks
|
|||
┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ ┃
┃ CODE OF ETHICAL CONDUCT ┃
┃ ┃
┃ ✓ Test only systems with explicit written permission ┃
┃ ✓ Follow responsible disclosure timelines and procedures ┃
┃ ✓ Respect privacy and data confidentiality at all times ┃
┃ ✓ Never exploit vulnerabilities for personal gain ┃
┃ ✓ Contribute to a safer internet through ethical research ┃
┃ ✓ Maintain professionalism and integrity in all security work ┃
┃ ✓ Educate and empower others in cybersecurity best practices ┃
┃ ┃
┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
All security research is conducted with authorization, responsibly, professionally, and in compliance with applicable laws. All tools and information are shared for educational and authorized testing purposes only.
⚠️ Disclaimer: Unauthorized access to computer systems is illegal. I hold no responsibility for misuse of any tools or information shared publicly.
| Timeline | Goal | Description |
|---|---|---|
| Q1 2026 | AD Red Team Specialist | Active Directory exploitation, Kerberos attacks, domain persistence |
| Q2 2026-2027 | OSCP Preparation | Industry-standard penetration testing certification |
| Q3 2026 | Tool Suite Release | Advanced recon, vulnerability scanning, exploit frameworks |
| Q4 2026 | eWPT Certification | Advanced web application penetration testing |
| 2026+ | Full-Time Pentester | Senior security role at a leading cybersecurity firm |
