Offensive Security // Red Teaming

Sooraj Balasubramaniyan

Cybersecurity researcher focused on penetration testing, adversary simulation, Linux security, and practical vulnerability research.

01 // About

Operator Profile

Research Focus

Self-taught cybersecurity researcher from Kerala, India, with hands-on focus in web exploitation, offensive workflows, and vulnerability validation across real-world targets.

Operational Background

4+ years of SaaS support and implementation exposure in enterprise environments, now converted into offensive context for risk discovery and practical hardening guidance.

Top 6% TryHackMe Rank
110+ Rooms Completed
1 Published THM Room
4+ Years in Tech
02 // Projects

Built, Broken, Documented

Open Source Tool

GarudaDebloat

Built and published GarudaDebloat, a Windows debloating and hardening utility focused on streamlining privacy, performance, and baseline security setup workflows.

github.com/bheeshmadev/GarudaDebloat

TryHackMe

Gone Dark: Linux Forensics Room

Designed and published a beginner-level Linux forensics challenge with custom scenario logic, guided documentation, and investigative workflow checkpoints.

Bug Bounty

Web Application Security Research

Active testing on production programs for access control flaws, API weaknesses, and data exposure vectors with reproducible proof-of-concept reporting.

Incident Response

Malware Recovery and Forensics

Performed imaging, triage, malware verification, controlled recovery, and post-incident procedure delivery for compromised endpoint data sets.

Offensive Labs

Attack Chain Execution

Executed full chains involving SSRF, shell access, escalation, credential attacks, and post-exploitation validation across Linux-focused labs.

03 // Skills

Tooling and Tradecraft

Offensive Security

Penetration Testing, Vulnerability Assessment, Web App Security, Privilege Escalation, AD Attack Fundamentals, OSINT.

Platforms and Tools

Burp Suite, Nmap, Wireshark, Nessus, Metasploit, Wazuh, ClamAV, Kali Linux, ProjectDiscovery stack.

Scripting

Python, Bash, PHP, C for automation, payload adaptation, and proof-of-concept support scripts.

Infrastructure

Linux and Windows administration, networking, virtualization, Git workflows, and operational documentation.

04 // Certifications

Training Path

PNPT

Practical Network Penetration Tester, TCM Security (In Progress).

Ethical Hacking Fundamentals

TCM Security (2022).

LAHTP

Learn Hacking Through Programming, Selfmade Ninja Academy (2024).

RHEL Fundamentals

IBM on Coursera (2024).

05 // Contact

Open to Security Work

Available for cybersecurity roles, security research collaboration, and offensive security projects.

soorajcodes@gmail.com