// Offensive Security Engineer

NAVEENSINGH

AI Security · Cloud-Native Pentesting · Tool Builder

Turning offensive depth into defensive_

view my tools get in touch

SCROLL TO EXPLORE

-// about.log

From Analyst to Adversary Emulator

Seven-plus years in product offense, identity abuse testing, and AI-integrated security engineering.

Kenvue
enterprise appsec
Lead Security Analyst
2023 - Present
Leading threat-led offensive validation for customer-facing platforms and AI-assisted approval flows.
EY
consulting
Application Security Consultant
2021 - 2023
Drove secure SDLC adoption and attack-surface reduction programs across regulated global environments.
Atos
cloud security
Security Engineer
2019 - 2021
Built cloud security baselines and offensive test playbooks for large distributed systems.
CoreCard
payments
Security Analyst
2017 - 2019
Performed deep web/API assessments, threat modeling, and incident-driven hardening for payment workloads.

-// capability.matrix

Capability Surfaces

AI & Agentic Security

Control model behavior under adversarial pressure.

LLM threat modeling

./probe

prompt injection

./probe

RAG poisoning

./probe

agent sandbox escape

./probe

-// research.ops

Open-Source Offensive Tooling

WAT-9

Watson

AI-driven attack path engine for chained exploit discovery.

streaming

graphingai-offensepathing

[graph] node: auth-gateway -> llm-broker

[risk] privilege edge discovered

[queue] exploit chain emitted

AX-3

AdaptXSS

Adaptive XSS payload mutation against modern filter logic.

streaming

mutationxsspayloads

payload:v12 -> <svg/onload=...>

bypass: sanitizer rule #14

result: reflected sink reached

ART-L

ART-for-External-API-LLM

LLM attack testing framework for tool-calling workflows.

streaming

llmexternal-apitesting

run: tool-calling abuse suite

seed: prompt-injection-omega

status: 6/8 exploit paths validated

STC-4

SubTakeControl

Subdomain takeover detection with continuous recon signals.

streaming

dnstakeoverrecon

scan: 421 records parsed

match: orphan CNAME surfaced

alert: takeover candidate confirmed

-// attack.scenarios

Breach Flow Diagrams

SSO Chaining → Account Takeover

critical

Token Discovery

Enumerate token relay points and weak trust assertions between identity providers.

Relay Forge

Craft a forged relay flow that preserves valid session artifacts during redirect.

Session Graft

Bind the forged token stream into a victim-linked session context.

Privilege Lift

Escalate role scope through federated mapping drift and stale claims.

⚠ impact

Full account takeover across federated tenants.

-// operator.history

Operator History

High-impact offensive programs across enterprise platforms, cloud workloads, and identity surfaces.

2023 - Present

Kenvue

Lead Security Analyst

• Scaled appsec controls across enterprise product lines.
• Modeled AI-assisted workflow abuse for high-risk approvals.
• Reduced exploitability in identity and API entry points.

SemgrepBurp SuiteNucleiKubernetesAWS

2021 - 2023

EY

Application Security Consultant

• Embedded threat modeling into engineering planning cycles.
• Built offensive test playbooks for regulated workloads.
• Improved release confidence through targeted abuse testing.

OWASP ASVSDASTIaC scanningJira

2019 - 2021

Atos

Security Engineer

• Hardened cloud baselines for multi-region deployments.
• Introduced pipeline security checks for critical services.
• Validated controls with internal adversary emulation.

TerraformAzureGCPPythonGo

2017 - 2019

CoreCard

Security Analyst

• Performed deep web and API assessments for fintech products.
• Partnered with developers on vulnerability closure velocity.
• Documented repeatable exploit chains for secure coding training.

Burp SuiteffufSQLMapPostman

-// hall.of.impact

Notable Findings

SSO Token Chaining → Account Takeover

critical

Chained SSO misconfiguration across identity providers to expose tokens and achieve account takeover.

XXE via Document Upload

critical

Triggered XML entity resolution in document processing to read internal files and backend metadata.

SSRF → Cloud Metadata Exfiltration

critical

Server-side fetch path reached cloud metadata endpoint and exposed role credentials.

OAuth Flow Misconfiguration

high

Redirect and session handling weaknesses enabled privilege escalation paths.

Prompt Injection in Agentic Workflow

high

Injected instruction chain overrode policy and drove unauthorized tool invocation.

Business Logic Funds Manipulation

critical

Multi-step workflow abuse allowed unauthorized transaction intent mutation.

-// tech-stack

Arsenal

Languages

PythonGoTypeScriptBashRust

Cloud

AWSGCPAzureKubernetesTerraform

Frameworks

FastAPINext.jsSpringNode.js

AI Security

LangChainLlamaIndexGuardrailsRebuff

Offensive

Burp SuiteNucleiSemgrepffufCaido

Certifications

OSCP

CEH

CISSP (in progress)

AWS Security Specialty

-// contact.sh

Open a Channel

emailnvnsngh1008@hotmail.com githubgithub.com/crynomore linkedinlinkedin.com/in/nvncyberkinesis locationPune, IN

terminal

$ help