Kanishka Jha

Security professional focused on application and internal network penetration testing.

I work at the intersection of web application security and Windows Active Directory environments, identifying authentication and access control weaknesses, validating real-world exploitability, and assessing how a vulnerability can impact business operations.

My experience includes web & API vulnerability hunting, secure code review, and internal network assessments, along with responsible vulnerability disclosures to multiple organizations. I’m particularly interested in understanding how application flaws translate into internal access and organizational risk.

Always open to connecting with security professionals, learning from real incidents, and contributing to improving security posture.

  • Role

    Agentic AI Engineer

  • Years of Experience

    3.4 years

Skillsets

  • AI chatbot
  • API integration
  • Cybersecurity tools
  • Data Visualization
  • Generative AI
  • Incident Response
  • LLM evaluation
  • Python
  • REST API
  • Security Testing
  • Vulnerability management
  • REST API - 3 Years

Professional Summary

3.4 Years
  • Jun, 2024 - Oct, 2024 4 months

    Agentic AI Engineer

    Jio
  • Feb, 2024 - May, 2024 3 months

    Cybersecurity Engineer

    Technoxi
  • Jun, 2023 - Aug, 2023 2 months

    Infrastructure Security Intern

    BSES, Reliance ADA GROUP

Applications & Tools Known

  • AWS VPC
  • Cisco ISE
  • Cisco Umbrella
  • Firewalls
  • Bash scripting
  • Flask
  • XML
  • GAU
  • NMAP

Work History

Agentic AI Engineer

Jio
Jun, 2024 - Oct, 2024 4 months
    Developing and fine-tuning Generative AI models, significantly contributing to the advancement of JioGPT. Designing and implementing robust test suites to rigorously evaluate the performance and security of Large Language Models (LLMs). Leading the development and ongoing implementation of Lama Guard, an advanced solution for safeguarding generated responses against potential threats. Integrating advanced AI techniques into Jio's infrastructure, enhancing both user interactions and overall AI security capabilities. Conducting extensive research and development to continuously improve the accuracy, efficiency, and security of AI models. Overseeing the deployment and scaling of secure AI solutions, ensuring adherence to industry standards and best practices.

Cybersecurity Engineer

Technoxi
Feb, 2024 - May, 2024 3 months
    Developed and deployed advanced security measures across various platforms. Engineered an AI chatbot for seamless interaction with Cisco ISE and Umbrella APIs, enhancing security monitoring and response. Automated data fetching and security monitoring, utilizing advanced techniques to streamline operations. Conducted comprehensive security assessments, including web application penetration testing using various modern tools. Performed penetration testing to support and validate security solutions. Collaborated with international clients to deliver customized security solutions tailored to their specific needs. Worked in alignment with Cisco to integrate and optimize Umbrella and ISE APIs, ensuring robust security frameworks. Contributed to the development and refinement of security policies and compliance efforts through insights and analytics.

Infrastructure Security Intern

BSES, Reliance ADA GROUP
Jun, 2023 - Aug, 2023 2 months
    Conducted monitoring and surveillance, analyzing security events and alerts from various systems, including firewalls, intrusion detection systems, and SIEM platforms. Assisted in vulnerability assessments and penetration testing of the organization's infrastructure and systems for effective vulnerability management. Contributed to the development and enforcement of security policies, procedures, and guidelines within the organization. Supported compliance efforts by participating in security audits and assessments. Managed and administered security infrastructure, including firewalls, intrusion prevention systems, and access control systems.

Achievements

  • Selected in @NULLCON International Conference in Goa
  • Hall of Fame recognition from Philips
  • Hall of Fame recognition from Oracle
  • Hall of Fame recognition from Latam Airways
  • Selected in Govt Smart India Hackathon
  • Kedar Santh Technical Award
  • Private invitations to find vulnerabilities
  • Vulnerability triaged at DomeCTF
  • Cloud Security Excellence
  • 4th position at M.H. Saboo Siddik College Hackathon
  • Top 29 in National Coding Olympiad 2021 Hackathon
  • Selected in Govt Kavach Hackathon
  • 447th position in 24-hour Cybersecurity Challenge
  • Participated in CTF by KPMG
  • Swag recipient from HackToberFest
  • 881st position in Downunder DUCTF 4.0
  • Top 3500 in HTB Cyber Apocalypse CTF
  • Participated in Advent of Cyber 2024
  • Participated in DJ Sanghvi hackathon
  • Participated in Atrina One Finance Hackathon

Major Projects

7 Projects

Dynamic Intrusion Detection System (IDS) using Machine Learning

    Developed a dynamic IDS capable of real-time dataset updates via Sandbox, enhancing security and threat detection capabilities. The system leverages machine learning algorithms to identify and respond to emerging threats by continuously updating its dataset with new threat intelligence from a Sandbox environment. This approach ensures that the IDS remains effective against the latest security threats, providing robust protection for the network.

Buffer Overflow Payload Generator

    Created exploits using Bash scripting language. Developed programs in C to test skills. Used Figlet for ASCII text in the program.

OTP System

    Generated random numbers using Random Library (Python). Used XML for constraint design. Implemented Flask for handling POST requests.

Blue DOS

    Utilized bash scripting. Integrated L2ping for flooding Logical Link Control & Adaptation Protocol.

Insecure Redirect Finder

    Implemented Bash scripting. Integrated GAU (Get All URLs) and HTTPX. GAU fetched all URLs for a specific domain, and the tool tested bifurcated URLs for open redirects. HTTPX verified successful open redirects, saving vulnerable URLs in a text file.

Author of Tool EKA: Trouble29

    Developed a Python-based automation tool for efficient security testing, with a focus on XSS, NMAP, and SQLI. XSS Automation: Engineered automated testing for XSS vulnerabilities in web applications. NMAP Automation: Implemented automated NMAP scanning for rapid and comprehensive network reconnaissance. SQLI Automation: Designed a module for automated SQLI testing to identify and address database vulnerabilities. Python Scripting: Utilized Python for flexible and maintainable scripting. Advanced Automation: Integrated advanced scripting techniques for efficient and repeatable security assessments.

EKA Cloud Deployment

    Designed and implemented the cloud-based deployment architecture for Tool EKA using AWS VPC, ensuring scalability and security. Utilized a multi-tier architecture with public and private subnets for secure and efficient traffic management. NAT Gateway was deployed to allow private instances to access the internet securely while preventing external threats. Integrated an Application Load Balancer (ALB) to efficiently distribute traffic and ensure high availability. Auto Scaling Groups were implemented to handle varying loads dynamically, maintaining optimal performance. Secured the infrastructure with custom Security Groups and IAM roles, enforcing least-privilege access.

Education

  • B.E. in Electronic & Computer Engineering

    SIES GST (2025)
  • Diploma in Computer Engineering

    Arun Muchhala Polytechnic (2022)