About Me
AAYUSH PANTHA
The Blue Teamer’s Red Teamer
CRTP | CompTIA PenTest+ | ACP | CASA
aayushpantha97@gmail.com
Kathmandu, Nepal
PROFESSIONAL SUMMARY
Mid-level Security Researcher at SecureIQLab, specializing in independent, adversarial validation of next-generation enterprise security products for global leaders including Google, Palo Alto Networks, Cloudflare, AWS, Imperva, F5, Fortinet, Netskope, Akamai, Sophos, Forcepoint, Barracuda, and others.
I lead red-team-style evaluations across high-stakes categories: WAAP (Web & API Protection), Advanced Cloud Firewalls, SASE, EDR/Endpoint, Enterprise Browsers, GenAI security, and Command & Control defense. My process is rigorous and attacker-centric: master vendor deployments, engineer realistic attack chains, craft custom payloads and evasion techniques, simulate APTs, ransomware campaigns, tunneling, DoS, OWASP Top 10 + API exploits, and full-spectrum threats, then measure blocking efficacy, policy enforcement, false positives, and alignment with NIST, MITRE ATT&CK, and enterprise benchmarks.
SKILLS & WEAPONS
Enterprise Security Validation — Adversarial testing & efficacy scoring of WAAP, ACFW, SASE, EDR, Endpoint, Enterprise Browser, GenAI, C2 defenses for tier-1 vendors (Palo Alto, Cloudflare, AWS, Fortinet, Imperva, F5, Netskope, Akamai, Sophos +)
Web & API Exploitation — OWASP Top 10 + API Security, chaining multiple vulnerabilities, custom payload forging, evasion, policy bypass testing
Active Directory Domination (CRTP Certified) — Full AD red team mastery: enumeration (BloodHound, PowerView), Kerberoasting/AS-REP, delegation/ACL abuse, Kerberos attacks (Golden/Silver tickets, delegation variants), local/domain priv esc, persistence, lateral movement, trust exploitation, cross-forest pwn, AD CS abuse, DCSync
Command & Control Arsenal — Cobalt Strike (500+ custom profiles), PowerShell Empire, Covenant, Caldera; profile crafting, C2 traffic evasion, large-scale simulation & detection bypass
Ransomware & Malware Ops — Custom variant creation, 700+ real-world sample harvesting/analysis across families, isolated kill-lab builds, threat intel extraction, EDR/endpoint efficacy hammering
Network & Cloud Assault — Advanced Cloud Firewall testing, tunneling (protocol abuse), APT emulation, URL filtering bypass, SASE/zero-trust cracking, DoS barrages
Browser & Endpoint Breaching — Enterprise browser isolation/policy evasion, endpoint detection/response simulation, runtime manipulation
Offensive Tradecraft — Custom payload development, attack chain engineering, red-team methodology (recon → initial access → execution → persistence → exfil → impact)
Defensive Insight — NIST/MITRE ATT&CK alignment auditing, false-positive analysis, operational efficiency gaps, mitigation validation
Leadership Firepower — Led 3 full-cycle projects to mission success: Enterprise Browser, C2 stress-testing, Ransomware readiness certification; client/vendor-facing reporting, metrics-driven storytelling
TOOLS & ARSENAL
- Burp Suite
- BloodHound
- Metasploit
- Docker
- Postman
- Mimikatz
- Nessus
- ZAP
- Cobalt Strike
- Nmap
- Acunetix
- Many more
EXPERIENCE
Mid-Level Security Researcher | SecureIQLab LLC, Nepal (Onsite) | May 2025 – Present
- Led ransomware detection validation project, evaluating EDR and antivirus solutions against file encryption behaviors across multiple ransomware families
- Performed static and dynamic analysis of ransomware samples to confirm authenticity and suitability for controlled testing
- Developed custom ransomware variants to assess detection bypass techniques and evasion capabilities
- Directed Command and Control (C2) detection testing, focusing on network-level blocking, beacon identification, and visibility of post-exploitation commands
- Created and maintained over 500 custom C2 profiles using Cobalt Strike, MITRE Caldera, Sliver, Havoc, and PowerShell Empire frameworks
- Executed advanced Active Directory attack simulations, including Golden, Silver, and Diamond Ticket attacks, AD CS exploitation, cross-domain trust abuse, SPN enumeration, and Kerberoasting
- Validated security controls for Web Application Firewalls (WAF), API protection, Advanced Cloud Firewalls, and Enterprise Browsers through realistic exploitation scenarios
- Served as primary point of contact for global vendors, leading engagements, delivering weekly progress updates, and presenting comprehensive final technical reports with findings and recommendations
Associate Security Researcher | Vairav Technology Security Pvt. Ltd. (Onsite) | July 2023 – April 2025
- Conducted web application and network penetration testing engagements to identify vulnerabilities and assess security posture
- Designed and executed adversary emulation exercises aligned with the MITRE ATT&CK framework
- Tested vendor security solutions to validate claimed detection capabilities and uncover coverage gaps
- Developed custom attack payloads and exploitation scenarios to rigorously evaluate the effectiveness of security controls
EDUCATION
BSc (Hons) Computer Networking & IT Security (Cyber Security)
Islington College | London Metropolitan University – Kathmandu
CERTIFICATIONS (THE BADGES)
- Certified Red Team Professional (CRTP)
- CompTIA PenTest+
- APIsec Certified Practitioner (ACP)
- Certified API Security Analyst (CASA)
- Network Security Expert Level 1, 2, 3, 4
- AWS Cloud Quest: Cloud Practitioner
ACHIEVEMENTS
- Enterprise Browser: Led validation for Palo Alto, Netskope, and Island; exposed isolation bypasses and policy gaps under real browser-based attack pressure.
- Command & Control: Directed large-scale C2 testing against Palo Alto; authored 500+ custom Cobalt Strike and PowerShell Empire profiles, using the Covenant, Caldera, and Empire frameworks, to stress-test detection at enterprise scale.
- Ransomware: Spearheaded end-to-end efficacy testing for a pre-release vendor; built isolated environments, collected and analyzed 700 real-world ransomware samples across families, developed custom variants, delivered detailed threat intelligence, and drove remediation until the product achieved production readiness.
- Acknowledged by Mysecondteacher for surfacing a critical vulnerability.
- Found XSS in the Prophaze firewall dashboard
EVENTS & TALKS
- Speaker – Pentester Nepal 11th Anniversary: DLL Hijacking
- Speaker – Presidential College: Unlocking Opportunities in Offensive and Defensive Security
CONNECT & STALK
- Website: https://aayushpantha.com.np
- Medium (deep writes): https://medium.com/@aayushpantha
- LinkedIn: https://www.linkedin.com/in/aayushpantha/
- GitHub: https://github.com/aayushpnth