HI, I'M PARTHA

Partha Bishwas – Offensive Application Security Engineer

10+ Years • 200+ Apps Tested • 100+ Criticals Found • Banking, FinTech, Govt.

Senior offensive application security engineer with over a decade of experience in VAPT, API security, mobile security, and bug bounty research.

Skills

Mobile Security
Web Security
API Security 86%
Network Security 82%
Reverse Engineering 78%
Server Security 80%

Achievements

COORDINATED DISCLOSURE CHANNELS

Projects

OFFENSIVE SECURITY WORKS
Web Application VAPT
Executed comprehensive web application VAPT, including OWASP Top 10 and SANS Top 25 testing. Discovered critical access control flaws, insecure session handling, and misconfigured security headers, significantly improving the application's security posture.
Mobile Application VAPT
Conducted end-to-end mobile application VAPT covering authentication, authorization, insecure storage, reverse engineering, root/jailbreak bypass, and API abuse. Mapped findings against OWASP MASVS and OWASP Mobile Top 10, resulting in critical risk remediation before production release.
API Security Assessment
Performed deep API security testing, including IDOR, privilege escalation, mass assignment, and business logic abuse on microfinance APIs. Identified high-impact authorization flaws affecting fund transfer and beneficiary management workflows.
Bug Bounty & Responsible Disclosure
Actively participated in private and public bug bounty programs. Reported multiple valid security issues through responsible disclosure channels, focusing on access control, data exposure, and authentication weaknesses.
Security Hardening
Reviewed and validated application configurations against security best practices, including TLS hardening, secure headers, and access controls. Ensured alignment with organizational and regulatory security requirements.