Bhargav Hede_
AI Security Specialist | CVE Hunter | Bug Bounty Hunter
I simulate sophisticated adversaries to expose critical weaknesses before attackers do.
Specializing in Red Team Operations, AI/LLM Security, and Attack Chain Development.
From AI-powered chatbot vulnerabilities to multi-stage adversarial simulations, I help organizations understand their true security posture by thinking and acting like the threats they fear most. With 5+ years of offensive security experience and 9 CVEs discovered, I bring real-world attack expertise to every engagement.
Professional Experience
5+ years in offensive security and red team operations
Senior Security Analyst
Sumasoft Pvt. Ltd., Pune
Key Responsibilities
- ▸Leading red team engagements simulating sophisticated adversarial tactics across people, processes, and technology
- ▸Conducting AI/LLM security assessments, AI chatbot penetration testing, and RAG system security evaluations
- ▸Developing custom attack chains and C2 infrastructure for realistic adversarial simulations
- ▸Creating AI-powered workflows to automate and enhance penetration testing efficiency
- ▸Delivering executive-level threat intelligence briefings and remediation roadmaps
- ▸Performing MCP (Model Context Protocol) security testing for AI integrations
Technical Expertise
Security Analyst | Penetration Tester
Sumasoft Pvt. Ltd., Pune
Key Responsibilities
- ▸Executed comprehensive penetration tests across web, mobile, API, and network infrastructure
- ▸Performed vulnerability assessments using Nessus, Burp Suite, Metasploit, and custom tooling
- ▸Conducted thick client application testing with advanced bypass techniques
- ▸Performed IoT device security testing including firmware analysis
- ▸Identified and remediated critical security gaps for enterprise clients
Red Team & AI Security Services
Adversarial simulation | AI/LLM security | MCP testing | OSINT | Attack chain development
Red Team Engagements
Full-scope adversarial simulations testing people, processes, and technology to validate detection and response capabilities
- ▸Multi-stage attack simulation
- ▸C2 infrastructure setup & management
- ▸Lateral movement demonstration
- ▸Domain escalation scenarios
- ▸Physical security bypass
AI/LLM Red Teaming
Adversarial testing of AI/ML systems for prompt injection, jailbreaks, data leakage, and model manipulation
- ▸Direct & indirect prompt injection
- ▸LLM jailbreak techniques
- ▸Training data extraction attempts
- ▸Model poisoning detection
- ▸AI output manipulation testing
AI Chatbot & RAG Security
Comprehensive security testing of conversational AI, chatbots, and Retrieval-Augmented Generation systems
- ▸Business logic abuse scenarios
- ▸PII leakage through conversations
- ▸Context manipulation attacks
- ▸RAG document retrieval exploits
- ▸Vector database poisoning
- ▸MCP (Model Context Protocol) testing
MCP Testing
Security assessment of MCP implementations connecting AI models to external tools and data sources
- ▸Tool injection via MCP
- ▸Context window manipulation
- ▸Resource access bypass
- ▸Prompt leakage through MCP
- ▸Cross-session data contamination
Attack Chain Development
Building sophisticated kill chains from initial access to impact, demonstrating real-world adversary capabilities
- ▸Zero-day research & exploitation
- ▸Custom exploit development
- ▸Privilege escalation paths
- ▸Persistence mechanism testing
- ▸Data exfiltration simulation
OSINT
Open-source intelligence gathering to identify exposed assets, credentials, and attack surface
- ▸Passive reconnaissance (no contact)
- ▸Active enumeration techniques
- ▸Credential leak discovery
- ▸Subdomain & asset discovery
- ▸Employee social media analysis
- ▸Dark web monitoring setup
Security Research
9 CVEs discovered | Responsible disclosure | GitHub Security Advisories
ZimaOS SSRF via Proxy Endpoint
Server-Side Request Forgery in ZimaOS proxy endpoint (/v1/sys/proxy) allowing unauthenticated access to internal services when Cloudflare Tunnel is enabled
CasaOS Username Enumeration Bypass
Bypass of CVE-2024-24766 fix - username enumeration through error codes in login page
CasaOS Observable Response Discrepancy
Username enumeration through different error messages: "User does not exist" vs "Invalid password"
CasaOS Missing Rate Limiting
No restriction on excessive authentication attempts - 271 login attempts possible in 56 seconds enabling brute force attacks
ZimaOS Path Traversal
Path traversal in /v3/file API endpoint allowing authenticated users to read sensitive system files including /etc/shadow
ZimaOS File Upload Vulnerability
Arbitrary file upload vulnerability in ZimaOS allowing potential remote code execution
ZimaOS Authentication Bypass
Authentication bypass vulnerability in ZimaOS API endpoints
ZimaOS Privilege Escalation
Privilege escalation vulnerability allowing unauthorized access to admin functions
Technical Capabilities
Offensive security expertise across multiple domains
Red Teaming
Full-scope adversarial simulations, APT emulation, C2 infrastructure
AI/LLM Security
Prompt injection, jailbreaks, model poisoning, training data extraction
AI Chatbot Testing
Business logic abuse, PII leakage, context manipulation, RAG security
MCP Testing
Model Context Protocol security, tool injection, context manipulation
Penetration Testing
Web, Mobile (Android/iOS), API, Network, Thick Client, IoT
Web Application Security
OWASP Top 10, SSRF, XXE, RCE, Auth bypass, Business logic flaws
Attack Chain Development
Multi-stage kill chains, zero-day research, custom exploit development
Mobile Security
Android/iOS app testing, reverse engineering, Frida, Objection
Vulnerability Management
Nessus, Burp Suite, Metasploit, Nuclei, Custom automation
OSINT
Reconnaissance, credential discovery, asset enumeration, dark web monitoring
Wireless & IoT
WiFi, Bluetooth, RFID, Hardware security, SDR, Firmware analysis
Thick Client
Desktop application testing, memory corruption, DLL injection, sandbox bypass
Certifications
Industry-recognized security credentials
DIAT Certified Information Assurance Professional
DRDO
May 2021
CNSS Certified Network Security Specialist
ICSI, UK
May 2020
Bug Bounty Profiles
Active vulnerability disclosure on leading bug bounty platforms
Bugcrowd Profile
DrDark1999
Active bug bounty hunter on Bugcrowd platform, participating in various programs
View ProfileYogosha Profile
DrDark1999
Security researcher on Yogosha, contributing to vulnerability disclosures
View ProfilePersonal Achievements
Bug Bounty Hall of Fame
NestForms
Recognized for responsible disclosure of security vulnerabilities
Bounty Reward & Appreciation
IndiaMART
Monetary bounty for critical vulnerability disclosure
Hardware CTF - 2nd Place
IoTSecurity101 @ Security BSides Ahmedabad 2023
Hardware security competition involving embedded device penetration testing, desoldering, and chip-level analysis
View RecognitionEC-Council Featured Story
EC-Council
Featured for CPENT certification journey and offensive security career path
View Recognition9 CVEs Discovered
Security Research
Independent vulnerability research resulting in 9 CVE assignments including critical SSRF (CVSS 9.0) and authentication bypass (CVSS 9.8)
View RecognitionNote: CVE discoveries and bug bounties are independent security research. Professional penetration testing and red team engagements are conducted through Sumasoft Pvt. Ltd.
Education
MSc in IT Technology
Savitribai Phule Pune University
BSc in Computer Science
Savitribai Phule Pune University
Available For Engagements
Accepting select red team engagements, AI security assessments, and security consulting opportunities. Reach out to discuss how I can help identify critical vulnerabilities in your environment.
admin@bhargavhede.in
+91 76665 27586
Location
Pune, India
in/bhargavhede
GitHub
DrDark1999
Bugcrowd
DrDark1999
Yogosha
DrDark1999
Need a security assessment that goes beyond automated scans?
Let's discuss how I can help uncover the vulnerabilities that matter.