About me

$(whoami) █► Ashish Arun Dhone $(Bio) ♦ Cyber Security Consultant at Emirates NBD , Dubai ♦ Ex: Cyber Security Expert at Entel S.A. Chile ♦ Ex: Lead Penetration Tester at Persistent Systems. ♦ Independent Security Researcher at Synack, Hackerone, Bugcrowd and Yogosha. I have significant knowledge in, ✔ Vulnerability Assessment ✔ Penetration Testing ✔ Network Security ✔ Mobile Application Security ✔ Web Application Security ✔ API Security ✔ Digital Forensic ✔ Threat Intelligence ✔ Red Teaming $(CVEs) ♦ CVE-2021-37999 - UXSS in Google Chrome ♦ CVE-2021-31832 - Stored XSS in McAfee DLP ♦ CVE-2020-35745 - Privilege Escalation- Unauthenticated access to Admin Portal in PHPGurukul ♦ CVE-2020-25925 - Reflected XSS in IceWarp WebClient $(HONORS & AWARDS) ♦ Black Hat MEA 2023 CTF Finalist - Riyadh, Saudi Arabia ♦ National Crime Record Bureau - Ministry of Home Affairs India - CCTNS Bug Bounty Winner ♦ Top 50 in World at Microsoft Leaderboard 2023 ♦ MSRC Q1 Hacker's Leaderboard ♦ MSRC MVR Hacker's Leaderboard 2023 & 2024 ♦ MSRC Q3 Hacker's Leaderboard ♦ Top 120's in World at Google Hacker's Ranking. ♦ Black Hat MEA 2022 Speaker and CTF Finalist - Riyadh, Saudi Arabia - The only Indian team to qualify for the CTF finals, and I was leading the team as a Captain also my research was selected in the call for papers at Black Hat MEA and I was invited as a Speaker. ♦ BOUNTYCON – FACEBOOK & GOOGLE selected all over Asia region at Facebook’s HQ in Singapore to attend a Conference dedicated to the Security Researcher Community. ♦ Acknowledged, Rewarded and listed in “HACKER’S HALL OF FAME" For Finding Several Security Flaws in, ✔ Google ✔ Apple ✔ Microsoft ✔ Facebook ✔ Shopify ✔ Gitlab ✔ AT&T ✔ Western Union ✔ Paytm ✔ Swiggy and several other 300+ Top Fortune Companies. $(Certifications) ♦ Altered Security - Certified Red Team Professional (CRTP) ♦ EC-COUNCIL - Licensed Penetration Tester LPT (Master) ♦ EC-COUNCIL - Certified Penetration Testing Professional (CPENT) ♦ Web Application Penetration Tester eXtreme - eWPTX v2.0 ♦ EC-COUNCIL - Computer Hacking Forensic Investigator (CHFI) ♦ EC-COUNCIL - Digital Forensic Essential (DFE) ♦ EC-COUNCIL - Certified Ethical Hacker Master (CEH Practical) ♦ EC-COUNCIL - Ethical Hacking Essentials (EHE) ♦ EC-COUNCIL - Certified Ethical Hacker (CEH v10)