Aaditya P. Email and Phone Number
Aaditya Purani is a Security Engineer at Amazon Web Services (AWS) where he leads collaborative pentesting efforts, develops tooling for fellow testers, and drives shift-left initiatives to scale and enhance security testing. Aaditya's primary areas of expertise are web/mobile/blockchain application penetration testing, product security reviews, and source code review including reverse engineering. Previously, he was a Senior Security Engineer at Tesla for 3 years.
He actively contributes to responsible disclosure programs and is included in the halls of fame for Google, Apple, and AT&T. Aaditya also participates in security capture the flag (CTF) competitions with Perfect Blue, which is globally ranked as the top-1 CTF team, and is one of the founding members of UTC (United Texas Coalition). As a researcher, his most famous findings include BTCPay Pre-Auth RCE, Mattermost RCE, and Akamai Zero Trust RCE. As a writer, Aaditya has authored articles for InfoSec Institute, Buzzfeed, Hackin9, and DailyO. He also has 22 CVEs attributed to his findings. He was awarded by Hon. Prime Minister of India Narendra Modi and Hon. Prime Minister of Sri Lanka Ranil Wickremesinghe in 2017 for winning a global event GCCS 2017 hacking CTF.
Aaditya has 6 years of professional experience as a security engineer operating at senior level, within a 12-year active involvement in the security community, with top companies like Tesla, Palo Alto Networks, Bishop Fox, and Amazon Web Services (AWS). Aaditya enjoys doing research & development into offensive and niche appsec subjects. He has also spoken about his collaborative research ("ElectroVolt: Pwning popular desktop apps while uncovering new attack surface on Electron") at the most prestigious cyber-security conferences:
- Black Hat USA 2022
- DEFCON 30
Interviewed by Forbes, Reuters, and Vice, Aaditya is a recognized SME in cybersecurity and has built a following of 7,000 on X (formerly Twitter), where he shares insights and developments in the field.
Aaditya continues to push the boundaries of cybersecurity through innovative research, knowledge sharing, and active community engagement.
Amazon Web Services (AWS)
Penetration Testing Engineer (SecEng), Amazon Web Services (AWS), Oct 2022 - Present, Seattle, WA, US
Full-stack hacking, leading collaborative pentests, and spearheading automation projects to scale and enhance security measures that protect AWS and its customers. Consistently delivering results, tackling complex and ambiguous challenges, and enabling metrics-driven, data-informed decisions. Actively mentoring junior engineers, contributing to the hiring process, sharing knowledge, creating runbooks, and presenting novel TTPs to boost team efficiency and growth. Won 3 back-to-back Amazon Internal CTFs as a solo player competing against teams. Currently focused on revolutionizing GenAI security @ AWS. 🚀
Capture The Flag (CTF) Team Member, Perfect Blue, Aug 2019 - Present
Perfect Blue is a Capture The Flag (CTF) team comprising students and professionals mainly from the US and other parts of the world. It is ranked on CTFTime as the world’s best hacking team for the years 2020, 2021, and 2023. Perfect Blue has consistently won the most challenging and prestigious hacking competitions (CTF events) across the world, such as GoogleCTF, PlaidCTF, HITCON CTF, and DEFCON Quals. As of 2023, Perfect Blue is playing under “Blue Water”. https://blog.perfect.blue/perfect-blue-finishes-top-1-on-CTFtime-2020
Security Researcher, Independent, Jan 2013 - Present
• Self-motivated security professional since 2013
• Diverse skillset: Expertise ranging from Web to Reverse Engineering, capable of tackling any challenge.
• Awarded bug bounties from over 100 companies worldwide.
• Active in CTFs as a member of world ranked #1 teams since 2016 (previously with dcua, currently with perfect blue/Blue Water).
• Researching niche AppSec topics and advancing the field through innovative research.
• Developing tools for auditing blockchain security.
• Conducting vulnerability research by reproducing n-days and hunting 0-days in well-known products.
• Presented at Black Hat USA 2022 and DEFCON 30 on “ElectroVolt: Pwning popular desktop applications while uncovering new attack surface on Electron,” a collaborative research effort.
Senior Security Engineer, Tesla, Mar 2021 - Sep 2022, Austin, Texas, US
• Demonstrated offensive penetration testing competence and ownership in diverse areas for year-long, large-scale projects: Manufacturing Audit (2019-2020), Energy Audit (2020-2021), and Vehicle system Audit (2021-2022). Findings were presented to the VP and Board of Directors.
• Ensured that Tesla's mission-critical releases were as secure as possible by performing end-to-end security reviews on over 400+ tickets. Notable work on securing: BTC+DOGE payment release, SentryCam, Non-Tesla Supercharging, Tesla Auth, etc.
• Discovered and reported 0days in multiple third-party vendors such as Akamai Zero Trust, ObserveIT, Avaya, etc.
• Performed successful Red Team engagements to challenge the security posture of numerous crown jewels and provided guidance for the remediation by going above and beyond for my role.
• Helped strengthen Tesla's defenses by collaborating with blue team to build robust signals during purple team activities.
• Proactively reconstructed 1-days/n-days through patch-diffing and led offensive testing efforts to perform company-wide scanning for critical emerging vulnerabilities such as log4j, spring4shell, etc. Always stayed on top of the emerging threat landscape; this resulted in Tesla being unaffected during such major incidents.
• Created documentation for onboarding, workflow for incident handling, testing methodologies/checklist and third-party audit flows that are regularly used by 4 security engineering teams.
• Developed multiple tooling for security teams and developers which saved over 2000+ human hours every year.
• Managed many reports submitted to Tesla’s Bug Bounty Program. As a follow-up to a report, I led entire end-to-end remediations and conducted internal pentest to identify the breadth of impact and to fix similar issues throughout Tesla before anyone else would find them.
• Designed training programs targeted at developers and led training and awareness initiatives that were attended by over 5,000 employees in 3 years.
Security Engineer, Tesla, Oct 2019 - Mar 2021, Austin, Texas, US
Red Team - Offensive Security, AppSec, Vulnerability Research (VR), and Incident Handling - Hacking all the things and keeping Tesla and its customers secure!
Threat Research Engineer Intern, Palo Alto Networks, May 2018 - Aug 2018, Santa Clara, California, US
• Worked alongside the App-ID team to develop manual signatures for Web/Mobile/Thick Client applications by fully understanding the network flow, identifying patterns, testing and deploying on a Palo Alto Networks Firewall.
• Developed 20+ signatures with applications using HTTP/2, the latest web protocol at that time, and built an analyzer.
• Instrumented malware analysis with full reverse engineering of most complex samples and emulated threats in an air-gapped environment to write signatures for detecting and blocking them. Collaborated with Unit42 regularly.
• Worked on an internal project (also my intern project) along with my mentor to automate and enhance signature generation productivity by 100% with minimal false positives using Machine Learning algorithms.
Security Analyst Intern, Bishop Fox, May 2017 - Jul 2017, Tempe, Arizona, US
Aaditya Purani was a Security Analyst at Bishop Fox, a security consulting firm providing services to the Fortune 500, global financial institutions, and high-tech startups. Aaditya's primary areas of expertise are web application penetration testing, mobile application penetration testing, product security reviews, and source code review.
Aaditya P. Skills
Aaditya P. Education Details
The University of Texas at Arlington, Computer Engineering
Frequently Asked Questions about Aaditya P.
What company does Aaditya P. work for?
Aaditya P. works for Amazon Web Services (AWS).
What is Aaditya P.'s role at the current company?
Aaditya P.'s current role is Security Engineer at AWS | Ex-Tesla | Black Hat & DEFCON Speaker | Awarded by PM of India & Sri Lanka | Featured in Reuters, Vice, and more.
What schools did Aaditya P. attend?
Aaditya P. attended The University Of Texas At Arlington.
What skills is Aaditya P. known for?
Aaditya P. has skills like Firewalls, RHCSA, Security Research, Computer Forensics, Information Security, Social Media, PowerPoint, CEH, Logisim, Linux, API Development, C.