I am a security researcher and technologist from New Delhi, India. I currently work as a security researcher with Kloudle in Bangalore, India.

I have previously worked as a product support engineer with HasGeek in Bangalore, India, where I contributed to their Python code base, prior to which I worked as a program officer with the Centre for Internet and Society, India, where I carried out and published research on technology policy and security.

My blog is centered primarily around network and application security and consumer privacy. My writing has previously featured in publications such as The Wire and 2600 Magazine, and some of my work has been documented in publications such as the New York Times and Caravan Magazine.

• [ 2020-07-15 ] Command injection vulnerability in V-SOL home networking devices
• [ 2019-08-24 ] Attacking a weak 3D Secure implementation
• [ 2018-05-03 ] Extracting personal phone numbers linked to Aadhaar
• [ 2018-02-23 ] Disclosure of account balance and recent transactions on PayPal
• [ 2017-06-29 ] Fuzzing for obfuscated phone numbers