CYBERSECURITY ANALYST // THREAT HUNTER

Vishal Rawat

[ NETWORK PENTESTER  |  WEB PENTESTER  |  SOC ANALYST ]

Specialized in offensive security, threat detection, and incident response. Breaking systems to build stronger defenses — from AD exploitation to SIEM-driven detection engineering.

// INITIALIZE PROFILE

ABOUT ME

analyst@kali:~$
$ whoami
→ Cybersecurity Analyst & Penetration Tester

$ cat profile.json
{
  "name": "Vishal Rawat",
  "role": "Security Analyst",
  "focus": [
    "Network Pentesting",
    "Web App Security",
    "SOC Operations",
    "AD Exploitation"
  ],
  "threat_level": "EXPERT"
}

SECURITY MINDSET

I'm a cybersecurity analyst with deep expertise in offensive security and defensive operations. My work spans the full spectrum — from breaking into networks to building detection rules that catch attackers in the act.

On the offensive side, I specialize in network penetration testing, uncovering misconfigurations, lateral movement paths, and privilege escalation vectors. My web pentesting covers the full OWASP Top 10 and beyond — SQLi, XSS, SSRF, IDOR, and API abuse.

In the SOC, I leverage Splunk, SIEM platforms, and automation via n8n to triage alerts at scale, hunt threats proactively, and respond to incidents with speed and precision.

// SKILL MATRIX LOADED

CAPABILITIES

🌐
NETWORK PENTESTING
Full-scope network assessments — scanning, enumeration, exploitation, and post-exploitation across enterprise infrastructure.
92%
Nmap | Metasploit | Nessus | Wireshark | Lateral Movement
🕷️
WEB APP PENTESTING
Comprehensive web application assessments targeting OWASP Top 10, business logic flaws, and API security vulnerabilities.
90%
Burp Suite | SQLMap | OWASP ZAP | XSS | SSRF
🛡️
SOC OPERATIONS
Tier 2/3 SOC analyst with experience in alert triage, threat hunting, DFIR, and building detection engineering pipelines.
88%
Threat Hunting | Triage | DFIR | IOC Analysis
📊
SPLUNK & SIEM
Expert-level Splunk SPL queries, custom dashboards, correlation rules, and alert tuning across enterprise SIEM deployments.
87%
SPL | Dashboards | Correlation | QRadar | ELK Stack
⚙️
n8n AUTOMATION
Security workflow automation using n8n — auto-enriching alerts, triggering playbooks, and orchestrating SOAR-style responses.
83%
Workflows | Webhooks | API Hooks | SOAR
🏰
ACTIVE DIRECTORY
Deep AD security — Kerberoasting, Pass-the-Hash, BloodHound enumeration, GPO abuse, and defensive hardening.
91%
BloodHound | Kerberoast | PTH | DCSync | Mimikatz
// MODULE: ACTIVE DIRECTORY PENTESTING

AD EXPLOITATION

⚔️ Active Directory Attack Surface

Active Directory is the backbone of most enterprise environments — and one of the most rewarding targets in a pentest engagement. My methodology covers the full kill chain: initial enumeration, credential attacks, privilege escalation, lateral movement, and domain compromise. I understand not just how to exploit AD, but how to defend, detect, and harden it at every tier.

ENUMERATION
  • BloodHound / SharpHound collection
  • LDAP enumeration (users, groups, GPOs)
  • SPN scanning for Kerberoastable accounts
  • ACL/ACE abuse path discovery
  • Trust relationship mapping
CREDENTIAL ATTACKS
  • Kerberoasting (SPN-based hash extraction)
  • AS-REP Roasting (no-preauth accounts)
  • Pass-the-Hash / Pass-the-Ticket
  • NTLM relay (Responder + ntlmrelayx)
  • Password spraying & brute-force
PRIVILEGE ESCALATION
  • DCSync attack (replicating NTDS.dit)
  • Golden Ticket & Silver Ticket attacks
  • GPO abuse for code execution
  • Token impersonation (SeImpersonatePrivilege)
  • Constrained / unconstrained delegation
LATERAL MOVEMENT
  • WMI / PSExec / SMB lateral movement
  • RDP pivoting and tunneling
  • DCOM abuse for remote execution
  • Overpass-the-Hash technique
  • Living-off-the-land (LOLBins)
DETECTION & DEFENSE
  • Event ID monitoring (4624, 4768, 4769, 4776)
  • Splunk AD audit dashboards
  • Honey accounts and honey SPNs
  • Tiered admin model implementation
  • LAPS & fine-grained password policies
HARDENING PRACTICES
  • Disabling NTLM where possible
  • Protected Users security group
  • Credential Guard & VBS
  • Attack Surface Reduction (ASR) rules
  • Forest / domain trust review & cleanup
// ARSENAL LOADED

TOOLS & TECH

🕵️
Nmap
NETWORK RECON
🔍
Burp Suite
WEB SECURITY
🗄️
SQLmap
SQL INJECTION
FFUF
FUZZING
🔎
Nuclei
VULN SCANNING
📡
Wireshark
PACKET ANALYSIS
🔐
Hashcat
PASSWORD CRACKING
📨
Responder
NTLM RELAY
🧠
BloodHound
AD ENUMERATION
🔑
Mimikatz
CREDENTIAL ACCESS
🌐
Nessus
VULNERABILITY MGMT
📊
Splunk
SIEM
📋
TheHive
INCIDENT RESPONSE
🐉
Kali Linux
PENTEST PLATFORM
🐧
Linux
OPERATING SYSTEM
🐍
Python
SCRIPTING
⚙️
Bash
AUTOMATION
// CREDENTIALS VERIFIED

CERTIFICATIONS

🔐

Google – Foundations of Cybersecurity

Introductory cybersecurity certification covering security principles, threats, and defense fundamentals.

● CERTIFIED
🛡️

Cisco – Junior Cybersecurity Analyst Career Path

Cisco cybersecurity program covering SOC operations, threat analysis, and incident response.

● CERTIFIED
☁️

AWS Academy – Cloud Foundations

Cloud computing fundamentals including AWS services, cloud architecture, and deployment models.

● CERTIFIED
💻

HackerRank – Problem Solving (Intermediate)

Demonstrates problem solving skills using algorithms, data structures, and logical thinking.

● CERTIFIED
🌐

Cisco – CCNA: Introduction to Networks

Networking fundamentals including IP addressing, routing, switching, and network protocols.

● CERTIFIED
🎖️

EC-Council – Certified Ethical Hacker (CEHv13)

Advanced ethical hacking certification covering penetration testing tools and attack methodologies.

● CERTIFIED
🔎

TheSecOps – Certified Network Security Practitioner (CNSP)

Network security certification covering cryptography, threat detection, and defense mechanisms.

● CERTIFIED
🧪

PortSwigger – Burp Suite Community Practitioner

Web application security testing using Burp Suite tools and vulnerability analysis.

● PURSUING
🧠

CompTIA – CySA+ (Cybersecurity Analyst+)

Focused on threat detection, behavioral analytics, incident response, and SIEM-based security monitoring.

● PURSUING
// ESTABLISH CONNECTION

CONTACT

Available for freelance pentesting engagements, SOC consulting, and security advisory roles. Drop a message — encrypted channels preferred.
