Open to opportunities

SANKALP MANKAR

@sankalpmankar

Message

Motivated cybersecurity enthusiast focused on VAPT, web security, and digital forensics.

India

Message

What I'm looking for

I’m looking for an entry role in cybersecurity where I can run VAPT and application security testing, translate vulnerabilities into clear risk and remediation, and grow in cloud and host-based defense using tools like Burp Suite, Kali, and Metasploit.

I’m a Computer Science & Engineering student and a cybersecurity enthusiast focused on Vulnerability Assessment and Penetration Testing (VAPT), web and network security testing, and digital forensics. I like turning reconnaissance into clear findings that help strengthen real defenses.

In my OWASP Juice Hack project, I performed end-to-end VAPT on the OWASP Juice Shop using Kali Linux and Burp Suite, identifying and exploiting 12+ vulnerabilities across 50+ endpoints. I successfully exploited a critical SQL Injection to achieve full authentication bypass and uncovered a high-severity CSRF flaw.

For the Anti-Keylogger Detection System, I designed detection logic in Python using OS-level APIs (Windows/Linux hooks), achieving 95%+ detection accuracy across 20+ simulated scenarios. I integrated WebSockets for live dashboard notifications (up to 1,000 concurrent events) and optimized performance with multithreaded processing to reduce detection latency by 60–70% while handling 10,000+ keystrokes per minute.

In my EternalBlue Strike work, I leveraged Metasploit to exploit MS17-010 (EternalBlue) and achieved remote SYSTEM-level access in a controlled Windows lab. I also documented findings in professional VAPT reports with CVSS-based risk analysis and prioritized remediation recommendations.

Experience

Work history, roles, and key accomplishments

Web VAPT (OWASP Juice Shop)

Parul University

Nov 2025 - Dec 2025 (1 month)

Performed end-to-end VAPT on OWASP Juice Shop, using reconnaissance, automated scanning, and manual testing to identify and exploit 12+ vulnerabilities across 50+ endpoints. Exploited a critical SQL injection for full authentication bypass (100% credential extraction) and uncovered a high-severity CSRF issue.

Vulnerability Assessment Penetration Testing OWASP Top 10 Web Application Security SQL Injection CSRF Burp suite Kali Linux

Anti-Keylogger Detection System

Parul University

Jun 2025 - Oct 2025 (4 months)

Designed and implemented anti-keylogger detection logic in Python using OS-level hooks (Windows/Linux), achieving 95%+ accuracy over 20+ simulated keylogging scenarios with real-time monitoring. Built live notifications via WebSockets and optimized performance using multithreaded event processing, reducing detection latency by 60–70% and handling 10,000+ keystrokes/min safely.

Python Host Based Detection WebSockets Monitoring Multithreading Performance Optimization

EternalBlue VAPT Exploit

Parul University

Jun 2024 - Jul 2024 (1 month)

Conducted network vulnerability assessment and penetration testing on a controlled Windows lab environment using Nmap and Kali Linux, identifying exploitable services including MS17-010. Used Metasploit to gain remote SYSTEM-level access on an unpatched target and documented findings with CVSS-based risk analysis and prioritized remediation recommendations.

Nmap Metasploit MS17 010 (EternalBlue)Network Security CVSS Proof Of Concept Reporting