Summary
Overview
Work History
Education
Skills
Certification
References
Accomplishments
Languages
Websites
References
Timeline
Generic

PRASHANT GHATANI

Parramatta,Australia

Summary

Dynamic cybersecurity professional with a proven track record at KTM Consulting Group, excelling in penetration testing and vulnerability assessments. Recognized for enhancing security posture through strategic problem-solving and effective communication. Passionate about driving security awareness and implementing robust defenses, contributing to a 30% reduction in system vulnerabilities.

Overview

6
6
years of professional experience
1
1
Certification

Work History

Freelance work

BugCrowd
Remote
02.2019 - Current
  • Identified and resolved critical security vulnerabilities by performing manual and automated security testing on web applications and network infrastructures which led to the successful remediation of high-risk issues.
  • Contributed valuable security research to the community through collaboration with program owners and participation in both private and public programs, enhancing collective cybersecurity knowledge.
  • Recognized in NASA's VDP Hall of Fame for reporting a critical vulnerability through detailed security analysis and responsible disclosure.

Purple Teamer

KTM Consulting Group
Sydney, NSW
07.2022 - 03.2025
  • Monitored and analyzed security events using SIEM platforms such as Splunk and Microsoft Sentinel, swiftly detecting and escalating potential threats for response.
  • Conducted threat hunting and endpoint security analysis leveraging CrowdStrike Falcon and EDR/XDR solutions, enhancing proactive defense strategies.
  • Supported incident response by gathering forensic evidence, performing log analysis, and assisting with containment and remediation efforts.
  • Executed vulnerability assessments using Nessus and Qualys, collaborating with teams to implement mitigation strategies that strengthened security posture.
  • Performed web application security testing with Burp Suite, identifying and reporting exploitable vulnerabilities.

Penetration Tester

KTM Consulting Group
Sydney, NSW
02.2021 - 06.2022
  • Executed comprehensive vulnerability assessments and full-scale penetration tests across diverse client infrastructures, utilizing tools such as Nmap, Nessus, Burp Suite, Metasploit, and BloodHound to map attack paths and uncover exploitable weaknesses within Active Directory environments.
  • Conducted adversary-simulated attacks, including LLMNR/NBT-NS poisoning (Responder), Kerberoasting, Pass-the-Hash, and NTLM relay attacks, to assess real-world attack resilience and identify privilege escalation opportunities.
  • Crafted detailed, high-impact security reports, translating raw exploit data from Kali Linux, SQLmap, Wireshark, and CrackMapExec into clear, actionable remediation strategies tailored to fortify client environments.
  • Collaborated with cross-functional teams to implement secure AD configurations, Group Policy hardening, patch management strategies, and enhanced incident response protocols, ensuring proactive detection and mitigation of common attack techniques.

Cybersecurity analyst

Cynical Technologies
Kathmandu, Nepal
09.2019 - 08.2020
  • Achieved a 30% reduction in system vulnerabilities by mitigating 5 critical CVEs (CVE-2020-27492, CVE-2020-27493, CVE-2020-27494, CVE-2020-27496, CVE-2020-27497) through conducting thorough penetration tests on computer systems, networks, and applications using the OWASP TOP 10 methodology.
  • Enhanced system security awareness by 20% through educating users on phishing and other attack vectors, leading to improved user engagement in security protocols.
  • Prevented potential security incidents by 25% through implementing timely system scans and securing entry points.
  • Improved incident response efficiency by 15% through utilizing SIEM software (Splunk, QRadar) and employing XDR/EDR tools such as Defender and CrowdStrike for monitoring and responding to security incidents.

Education

Bachelor of Science - Information Technology

Crown Institute of Higher Education
North Sydney, NSW
06.2024

Skills

  • Client needs assessment
  • Relationship management
  • Penetration testing
  • Security awareness training
  • Effective communication
  • Analytical thinking
  • Strategic problem-solving
  • Adaptability to technology
  • Cybersecurity principles knowledge
  • Vulnerability assessment expertise
  • Technical writing proficiency

Certification

  • Foundation Level Threat Intelligence Analyst, ARCX, 08/23
  • Token of Appreciation, NASA, 08/24
  • ELearning Junior Penetration Tester (EJPT), INE, 06/23
  • Vulnerability Detection Skill Path Badge, Offsec
  • Windows Attacks Skill Path Badge, Offsec
  • Lateral Movement Skill Path Badge, Offsec
  • Antivirus Evasion Skill Path Badge, Offsec
  • Offensive Pentesting Learning Path, Try Hack Me, 08/22
  • Introduction to Bug Bounty Hunting and Web Application Hacking, Ben Sadeghipour (NahamSec), 02/22
  • Linux Privilege Escalation for OSCP & Beyond, Tib3rius, 03/22
  • Windows Privilege Escalation for OSCP & Beyond, Tib3rius, 04/22
  • Windows Privilege Escalation for Beginners, TCM Security, 07/23
  • Burp Suite: In Depth Survival Guide, Wesley Thijs at Udemy, 08/21
  • Currently preparing for the OSCP

References

Available on request.

Accomplishments

  • NASA VDP Hall of Fame 2024

Languages

English
Full Professional
Nepali
Native/ Bilingual
Hindi
Full Professional

References

References available upon request.

Timeline

Purple Teamer

KTM Consulting Group
07.2022 - 03.2025

Penetration Tester

KTM Consulting Group
02.2021 - 06.2022

Cybersecurity analyst

Cynical Technologies
09.2019 - 08.2020

Freelance work

BugCrowd
02.2019 - Current

Bachelor of Science - Information Technology

Crown Institute of Higher Education

Similar Profiles

CREATE PROFILE
PRASHANT GHATANI