Uploaded by Aarav238singh

resume-aman (1)

Aman Sapra
(+91) 9315677759 | amanistaken@gmail.com | Blog | LinkedIn | GitHub
Skills
Programming Languages: C/C++, Python, NodeJS, Golang, JavaScript, Java, Solidity, x86 Assembly and Bash.
Platforms: AWS, React, Jupyter Notebook, Truffle Suite, Hardhat, web3, Kafka, RabbitMQ, Redis, Express,
GraphQL, Docker, GitHub/Bitbucket.
Databases: DynamoDB, MySQL, SQLite, MongoDB, Elasticsearch & AWS Timeseries.
Security tools & frameworks: Burp Suite, IDA Pro, LXC, Seccomp, CodeQL & gdb.
• Full stack web development.
• Architecting cloud infrastructure with a focus
on scalability, reliability and security.
• Application security with a focus on web applications.
• Blockchain development and security with a focus on
Ethereum smart contracts.
Academics
Dehradun Institute of Technology (Dehradun, India)
Dehradun, India
Bachelor of Technology (July 2017)
Experience
Synack Red Team
SECURITY RESEARCHER/FREELANCER
January 2017 -
• Performed black box pentesting on more than 100 web applications and eliminated security issues on eBay,
Apple, Zoom and multiple others.
SMART JOULES
BACKEND DEVELOPER LEAD
January 2018 - May 2021
• Designed and implemented Joule Recipe. A Joule Recipe is complex control logic that runs on IoT controllers
to control attached peripherals when a certain observation is met.
• Developed scalable analytics APIs using DynamoDB and GraphQL to serve multiple ad hoc queries.
• Designed and developed user Authorization and Authentication from scratch with proper access controls,
context isolation and other security measures in place.
• Performed bi-monthly pentests on multiple IoT networks deployed at different locations.
• Migrated the monolith to a microservice architecture and improved the overall system’s reliability by 20%.
CRED
DevSecOps
May 2021 -
• Performed blackbox & whitebox penetration testing on the entire codebase, which includes more than 50
microservices.
• Implemented SAST tools in the CI/CD pipeline to automate semantic code analysis using CodeQL and secret
scanning.
Projects
disasm.pro (https://disasm.pro/)
• Open-source online, realtime, multi-architecture assembler and disassembler with line-to-line correlation.
Fuzzparam
• Open-source, Go-based parameter finder that finds possible GET/POST parameters of a URL, incredibly fast.
Node - Dynamo ORM adapter
• npm package to connect Node.js applications to DynamoDB using a secure and reliable object-relational model.
Miscellaneous
• Co-founded the CTF team SuperGuesser, ranked 3rd internationally in 2021. We regularly compete in CTFs all
around the world.
• A 5-star freelancer on Fiverr for delivering highly optimised, well-documented code that satisfies
customers.
• 1st runner-up at an EESL-organised hackathon in Delhi.
• Gold medalist, Indian Regional Science Olympiad, 2011.
• Gold medalist, Indian Regional Maths Olympiad, 2011.
Security Blog
• Blog at 0xsapra.github.io. Notable posts include Exploiting Dependency Confusion.