Arjun Shibu

Self-motivated Security Researcher with proficiency in application security, programming, grey box testing, debugging and exploitation. Active contributor to open-source and demonstrated skill identifying and protecting from security issues in open-source products. Passionate to learn, grow and excel in the security industry.

  Thodupuzha, Kerala, India   arjunshibu.tech             

Work Experience

Security Researcher


Huntr.dev • Nov 2020 - Present

  • huntr.dev/users/arjunshibu
  • Disclosed 40+ and fixed 90+ security vulnerabilities in open-source assets through responsible disclosure.
  • Collaborated with maintainers of popular packages and repositories.

Full Stack Developer Intern


E8y6 Technologies Pvt. LtdOct 2020 - Feb 2021

  • Helped code and test full-stack e-commerce web application software based on modern approaches.
  • Reviewed code to validate structures and assess security.
  • Planned and engineered RESTful web services to manipulate dynamic datasets.

Achievements


  • CVE-2021-37678 - Arbitrary Code Execution vulnerability in TensorFlow Machine Learning Framework by Google.
  • CVE-2021-23329 - Prototype Pollution vulnerability in the NPM library nested-object-assign.
  • CVE-2021-23327 - Cross-site Scripting vulnerability in ApexCharts.js.

Online Training

Hack The Box


Pentesterlab



Projects


  • gcmd • Command-line wrapper written in Go to automate the use of large one-liners, useful while doing recon for security testing.
  • Task Manager API • Node.js REST API to manage user tasks with JWT-based authentication.


Education

St. Joseph's College of Engineering & Technology

B Tech - Computer Science & Engineering • 2018 - 2022

Skills

Security


  • OWASP Top 10
  • Web & Mobile Testing
  • Source code Review
  • Debugging & Dynamic Analysis
  • Exploit Development
  • Reverse Engineering

Tech Stack


  • Node.js / Express.js / React.js
  • GraphQL / Apollo / Prisma
  • Rust
  • Golang
  • Python
  • PHP

Language


  • English - fluent