Skip to main content
HimalayasHimalayas logo
Midhun MohananMM
Open to opportunities

Midhun Mohanan

@midhunmohanan1

Offensive Security Consultant with 4+ years delivering web, mobile, API, and network security assessments.

India
Message

What I'm looking for

I’m looking for a role where I can lead web, mobile, API, and thick-client assessments, run adversary simulations, and automate security testing—partnering with engineering to deliver clear remediation guidance and measurable risk reduction.

I’m an Offensive Security Consultant with 4+ years of experience delivering web, mobile, API, iOS, thick client, and network security assessments across BFSI and enterprise environments. I’ve completed 450+ assessments for clients including ICICI, HDFC, Kotak, DCB, City Union, and Upstox, and I specialize in adversary simulation, EDR evasion, Android reverse engineering, secure code review, and security automation.

I align my work to frameworks like OWASP Top 10, SAMA, and PTES, combining SAST/DAST/SCA and CI/CD security support with clear reporting and remediation guidance. I’ve used tooling and techniques such as runtime instrumentation, binary analysis, and exploitation to reduce remediation cycle time by 25%, and I’m recognized by Apple, Intel, and the Government of India with certifications including CPTS, BSCP, CRTP, and CAP.

Experience

Work history, roles, and key accomplishments

SV
Current

Information Security Consultant

Securseed / Versos

Oct 2025 - Present (8 months)

Performed web, mobile, API, and iOS penetration tests aligned with OWASP Top 10 and SAMA; executed Android reverse engineering and runtime instrumentation to identify exploitable issues. Conducted internal/external network and thick-client assessments and mentored junior consultants on risk clarification and remediation.

Penetration TestingOWASP Top 10Android Reverse EngineeringThick Client TestingBinary AnalysisSecurity Mentoring
GA

Security Consultant

GreenMethod / Activbytes

Jun 2023 - Jun 2025 (2 years)

Delivered web, mobile, API, and iOS penetration tests aligned with OWASP Top 10 and PTES, including advanced Android reverse engineering and runtime manipulation. Built phishing infrastructure, ran adversary simulations, and automated pentest workflows that reduced vulnerability remediation cycle time by 25% while providing risk reports and remediation guidance to engineering teams.

Penetration TestingOWASP Top 10Android Reverse EngineeringRuntime ManipulationDependency Check SCACI CD SecurityAdversarial Testing
QL

Information Security Consultant

QSEAp Infotech Pvt Ltd

Jun 2021 - Jun 2023 (2 years)

Conducted 450+ security assessments for BFSI clients including ICICI, HDFC, Kotak, DCB, City Union, and Upstox, identifying issues such as XSS, SQL injection, SSRF, CSRF, and privilege escalation. Performed static/dynamic Android testing and API/thick-client pentests and supported secure SDLC through source code review and developer collaboration on mitigations.

Vulnerability AssessmentXSS SQLi SSRF CSRF TestingAndroid TestingFridaAPI TestingSource Code ReviewSecure SDLC

Education

Degrees, certifications, and relevant coursework

NK

NIILM University, Kaithal

Bachelor of Computer Applications, Computer Applications

2021 - 2023

Earned a Bachelor of Computer Applications (BCA) at NIILM University, Kaithal, from 2021 to 2023.

Tech stack

Software and tools used professionally

GitHub logo

GitHub

SonarQube logo

SonarQube

Gmail logo

Gmail

JavaScript logo

JavaScript

PHP logo

PHP

PowerShell logo

PowerShell

Wireshark logo

Wireshark

Linux logo

Linux

iOS logo

iOS

macOS logo

macOS

Windows logo

Windows

SQL logo

SQL

Burp Suite logo

Burp Suite

Nmap logo

Nmap

Metasploit logo

Metasploit

Bash

Dynamic logo

Dynamic

Arduino logo

Arduino

Remote logo

Remote

Check logo

Check

Movement logo

Movement

Android logo

Android

Availability

Open to opportunities

Location

India

Authorized to work in

India

Portfolio

midhunmohanan101.github.io

Job categories

Offensive Security ConsultingPenetration TestingRed Teaming & PentestingAPPLICATION SECURITY | TECHAI Security AutomationCode ReviewOffensive Security Services Consulting & SalesSenior Offensive Security Specialist

Skills

Penetration TestingAndroid TestingAndroid Reverse EngineeringCode InstrumentationBinary AnalysisAdversarial TestingLateral MovementEDRAPI TestingMobile Pentesting CertificationsIOS TestingThick Client Penetration TestingCode ReviewVulnerability ManagementReportingPythonPHPJavaScriptBASHPowerShellWindowsLinuxMacOSBurp suiteWiresharkNessusADBAPKToolJadx GUISonarQubeEchoProcmonDnSpyNmapMetasploitBloodHoundNetHuntGhidraSliver C2SASTDASTSCAOWASP Dependency CheckCI CD SecurityOWASP Top 10DLL HijackingInsecure File OperationsInsecure Registry OperationsWeak CryptographyTraffic InterceptionSource Code ReviewAndroidArduinoCheckDynamicGitHubGmailMovementSQLiOSRegShot Remote

Interested in hiring Midhun?

You can contact Midhun and 90k+ other talented remote workers on Himalayas.

Message Midhun

People also viewed

View all talent

Find your dream job

Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan