$ whoami --verbose

Garv Thakkar
Offensive Security.

Red Team Operations VAPT Specialist Threat Simulation Research

I break systems before attackers do. Specializing in red team operations, adversary simulation, and vulnerability assessment across web, mobile, and network environments.

Request Assessment Review Research
garv@thakkar-sec ~ zsh
Interactive Shell v1.2.0 (Type 'help' for command mapping)
gt-sec $

Enterprise Threat Mapping.

I am an offensive security specialist completely focused on breaking enterprise architectures before real threat actors do. My experience focuses on adversarial emulation, identifying critical structural logic bugs, and orchestrating vulnerability assessments across mobile applications, cloud vectors, and complex corporate internal networks.

Throughout my work with tier-1 consultancies, I have executed assessments for more than 150+ clients, securing high-value digital infrastructures. A large portion of my portfolio involves testing highly regulated BFSI (Banking, Financial Services, and Insurance) sectors, where regulatory baselines and custom financial logic endpoints require meticulous validation.

Beyond penetration testing, I am an active security researcher focusing on malicious weaponization vectors, browser evasion mechanisms, and internal automation.

150+Assessed Corporate Clients
BFSISector Specialization
5+On-Site Red Team Assessments

Advanced BFSI Logistics Penetration

Uncovering complex high-risk balance manipulation flaws, API authorization overrides, and financial gateway transaction intercept vulnerabilities.

Threat Research & Malware Evasion

Analyzing uninstaller execution vectors and alternative character obfuscations to identify how threat networks bypass defense barriers.

🇬🇧 English (Professional)
🇮🇳 Hindi (Native)
🇮🇳 Gujarati (Native)

Operational Background.

September 2024 — Present

Cyber Security Consultant & Delivery Lead

Tribastion Technologies Pvt. Ltd. Current Position

Owned the entire operational lifecycle as a core team member in a high-velocity startup ecosystem, driving everything from initial client onboarding and strategic presales architectures to end-to-end project delivery and financial invoicing pipeline management.

Executed complex Red Team simulations for marquee BFSI entities, reverse-engineering high-security mobile applications to bypass hardened client-side encryption primitives. Spearheaded a massive 9-month on-site deployment at Kalpataru Projects International Ltd., managing their complete cyber security perimeter, infrastructure diagnostics, and threat landscapes far beyond baseline CrowdStrike or Netskope monitoring. Additionally, orchestrated wide-scale organization phishing simulations leveraging PhishKit, a proprietary assessment framework I co-developed.

Full Operational Ownership Red Team Simulations BFSI Encryption Bypassing Presales & Delivery Management Enterprise On-Site Deployment
January 2024 — June 2024

Cyber Security Analyst Intern

TechDefence Cybersecurity Ltd.

Leveraged the high-volume client ecosystem of an established security firm to manage multiple fast-paced penetration testing scopes. Handled full-spectrum testing landscapes across Web Applications, Mobile Applications (Android/iOS), Network Infrastructures, and complex Thick-Client architectures. Actively trusted to lead knowledge-transfer initiatives, curate internal lectures, and mentor incoming engineering cohorts on modern vulnerability exploitation vectors and methodologies.

Thick-Client Penetration Testing Full-Scale VAPT Scopes Corporate Mentorship & Lectures Multi-Vector Auditing

Weapons Matrix.

Red Teaming

Cobalt StrikeMetasploitMITRE ATT&CK MappingLateral MovementOPSECActive Directory

Web, Network & Thick Client VAPT

Burp Suite Thick Client Security OWASP Top 10 Nmap Nessus Qualys

Mobile App VAPT

Frida JADX Objection Reflutter MobSF OWASP Mobile Top 10 Static Analysis Dynamic Analysis

Reverse Engineering & Forensics

Ghidra IDA Binary Analysis Volatility Malware Unpacking

SOC & Deployment Monitoring

CrowdStrike EDRThreat HuntingNetskope ProxyIncident Response & Analysis

Threat Research.

Research Project 01

Weaponized Uninstallers — A Hidden Threat in Software Cleanup

Research exposing how standard system software uninstallers can be altered to deploy hidden secondary payloads during cleanup procedures. Demonstrated strategies through which threat networks exploit uninstaller permissions to bypass endpoint controls and maintain system access even after application removal.

Malware PersistenceDefensive Bypass
Research Project 02

Threat Simulation: Braille Extension Evasion Technique

An adversarial threat simulation displaying proxy browser extension evasion paths via specialized alternative font layout matrices. Investigated mechanics where browser configurations can process invisible command tracking while staying completely unnoticed by traditional endpoint detection baselines.

Adversary EmulationBrowser Internal Security
Deployment Project 03

PhishKit — Phishing Simulation Platform

Co-developed, designed, and constructed a internal enterprise phishing assessment engine used to evaluate corporate organizational susceptibility vectors. Engineered core data logging metrics pipelines, secure mail delivery routing layers, and defensive tracking dashboards.

Social Engineering EngineSecure Metrics Tracking

Validated Expertise.

Postgraduate Specialization

Master of Technology (M.Tech)

Cyber Security
Undergraduate Foundation

Bachelor of Technology (B.Tech)

Computer Science & Engineering (Specialization in Cybersecurity)
Cyberwarfare Labs

Certified Red Team Analyst (CRTA)

Offensive Tracking Track
The SecOps Group

Certified AppSec Practitioner (CAP)

Application Protection Domain
The SecOps Group

Certified Network Security Practitioner (CNSP)

Enterprise Infrastructure Audits

Get In Touch.

Available for corporate security assessments, application penetration testing, or infrastructure audits. Let's secure your perimeter.

contact@garvthakkar.com
LinkedIn Profile âž” GitHub Profile âž”