LLM threat modeling
./probe
// Offensive Security Engineer
NAVEENSINGH
AI Security · Cloud-Native Pentesting · Tool Builder
Exploiting agentic workflows before attackers do
SCROLL TO EXPLORE
-// about.log
From Analyst to Adversary Emulator
Seven-plus years in product offense, identity abuse testing, and AI-integrated security engineering.
Kenvue
enterprise appsecLead Security Analyst
2023 - Present
Leading threat-led offensive validation for customer-facing platforms and AI-assisted approval flows.
EY
consultingApplication Security Consultant
2021 - 2023
Drove secure SDLC adoption and attack-surface reduction programs across regulated global environments.
Atos
cloud securitySecurity Engineer
2019 - 2021
Built cloud security baselines and offensive test playbooks for large distributed systems.
CoreCard
paymentsSecurity Analyst
2017 - 2019
Performed deep web/API assessments, threat modeling, and incident-driven hardening for payment workloads.
-// capability.matrix
Capability Surfaces
ai
AI & Agentic Security
Control model behavior under adversarial pressure.
prompt injection
./probe
RAG poisoning
./probe
agent sandbox escape
./probe
-// research.ops
Open-Source Offensive Tooling
WAT-9
Watson
AI-driven attack path engine for chained exploit discovery.
streaming
graphingai-offensepathing
[graph] node: auth-gateway -> llm-broker
[risk] privilege edge discovered
[queue] exploit chain emitted
AX-3
AdaptXSS
Adaptive XSS payload mutation against modern filter logic.
streaming
mutationxsspayloads
payload:v12 -> <svg/onload=...>
bypass: sanitizer rule #14
result: reflected sink reached
ART-L
ART-for-External-API-LLM
LLM attack testing framework for tool-calling workflows.
streaming
llmexternal-apitesting
run: tool-calling abuse suite
seed: prompt-injection-omega
status: 6/8 exploit paths validated
STC-4
SubTakeControl
Subdomain takeover detection with continuous recon signals.
streaming
dnstakeoverrecon
scan: 421 records parsed
match: orphan CNAME surfaced
alert: takeover candidate confirmed
-// attack.scenarios
Breach Flow Diagrams
SSO Chaining → Account Takeover
criticalSteps: Token Discovery → Relay Forge → Session Graft → Privilege Lift
01
Token Discovery
Enumerate token relay points and weak trust assertions between identity providers.
02
Relay Forge
Craft a forged relay flow that preserves valid session artifacts during redirect.
03
Session Graft
Bind the forged token stream into a victim-linked session context.
04
Privilege Lift
Escalate role scope through federated mapping drift and stale claims.
⚠ impact
Full account takeover across federated tenants.
-// operator.history
Operator History
High-impact offensive programs across enterprise platforms, cloud workloads, and identity surfaces.
2023 - Present
Kenvue
Lead Security Analyst
- • Scaled appsec controls across enterprise product lines.
- • Modeled AI-assisted workflow abuse for high-risk approvals.
- • Reduced exploitability in identity and API entry points.
SemgrepBurp SuiteNucleiKubernetesAWS
2021 - 2023
EY
Application Security Consultant
- • Embedded threat modeling into engineering planning cycles.
- • Built offensive test playbooks for regulated workloads.
- • Improved release confidence through targeted abuse testing.
OWASP ASVSDASTIaC scanningJira
2019 - 2021
Atos
Security Engineer
- • Hardened cloud baselines for multi-region deployments.
- • Introduced pipeline security checks for critical services.
- • Validated controls with internal adversary emulation.
TerraformAzureGCPPythonGo
2017 - 2019
CoreCard
Security Analyst
- • Performed deep web and API assessments for fintech products.
- • Partnered with developers on vulnerability closure velocity.
- • Documented repeatable exploit chains for secure coding training.
Burp SuiteffufSQLMapPostman
-// hall.of.impact
Notable Findings
⚡SSO Token Chaining → Account Takeover
criticalchain: Token Discovery → Relay Forge → Session Graft → Privilege Lift
Chained SSO misconfiguration across three identity providers to expose cross-tenant tokens and hijack live sessions.
Full account takeover across federated tenants without credential compromise.
⚡XXE via Document Upload → Backend Access
criticalchain: Weaponized Upload → XML Parse → Entity Resolution → Cross-Tenant LFI
Exploited XML entity parsing in document rendering to read internal files, cloud metadata, and tenant-adjacent artifacts.
Exfiltration of secrets, config, and victim documents from shared infrastructure.
⚡SSRF → Cloud Metadata Exfiltration
criticalchain: URL Sink → Internal Pivot → IMDS Hit → Credential Theft
Server-side request flow was coerced into internal routing and cloud metadata endpoints.
Cloud role credential theft with potential lateral movement across VPC assets.
⚡OAuth Misconfiguration → Privilege Escalation
highchain: redirect_uri Abuse → Session Fixation → Scope Drift → Privilege Lift
OAuth redirect and session handling weaknesses allowed horizontal-to-vertical privilege escalation.
Unauthorized admin-level capability in multi-tenant application flows.
⚡Prompt Injection in Agentic Workflow
highchain: Indirect Payload → Instruction Override → Tool Abuse → Data Exfil
Adversarial prompt payloads overrode system intent and triggered unauthorized tool execution.
Sensitive data exposure and policy bypass through model-driven tool chains.
⚡Business Logic → Unauthorized Fund Transfers
criticalchain: Workflow Drift → Intent Mutation → Approval Bypass → Fund Reroute
Multi-step business logic abuse in payment flows enabled unauthorized transfer manipulation.
Transaction integrity breach with real financial impact potential.
-// tech-stack
Arsenal
Languages
5PythonGoTypeScriptBashRust
Cloud
5AWSGCPAzureKubernetesTerraform
Frameworks
4FastAPINext.jsSpringNode.js
AI Security
4LangChainLlamaIndexGuardrailsRebuff
Offensive
5Burp SuiteNucleiSemgrepffufCaido
Certifications
OSCP
CEH
CISSP (in progress)
AWS Security Specialty
-// contact.sh
Open a Channel
emailnvnsngh1008@hotmail.comgithubgithub.com/crynomorelinkedinlinkedin.com/in/nvncyberkinesislocationPune, IN
terminal
$ help
help | whoami | ls /skills | cat /contact | connect <msg> | clear