Adithyan | Security Researcher & LLM/AI Security

LIVE THREAT FEED

[CRITICAL]CVE-2024-6387—OpenSSH regreSSHion RCECVSS:9.8[CRITICAL]CVE-2025-0282—Ivanti Connect Secure Stack OverflowCVSS:9.0[CRITICAL]CVE-2024-3400—PAN-OS Command InjectionCVSS:10.0[CRITICAL]CVE-2024-3094—XZ Utils Backdoor (supply chain)CVSS:10.0[HIGH]CVE-2023-44487—HTTP/2 Rapid Reset DDoSCVSS:7.5[CRITICAL]CVE-2024-21762—FortiOS Out-of-Bound Write RCECVSS:9.6[HIGH]CVE-2023-46805—Ivanti Auth Bypass via Path TraversalCVSS:8.2[CRITICAL]CVE-2024-1709—ScreenConnect Auth BypassCVSS:10.0[CRITICAL]CVE-2024-6387—OpenSSH regreSSHion RCECVSS:9.8[CRITICAL]CVE-2025-0282—Ivanti Connect Secure Stack OverflowCVSS:9.0[CRITICAL]CVE-2024-3400—PAN-OS Command InjectionCVSS:10.0[CRITICAL]CVE-2024-3094—XZ Utils Backdoor (supply chain)CVSS:10.0[HIGH]CVE-2023-44487—HTTP/2 Rapid Reset DDoSCVSS:7.5[CRITICAL]CVE-2024-21762—FortiOS Out-of-Bound Write RCECVSS:9.6[HIGH]CVE-2023-46805—Ivanti Auth Bypass via Path TraversalCVSS:8.2[CRITICAL]CVE-2024-1709—ScreenConnect Auth BypassCVSS:10.0

// OP_ARCHIVE : PROJECTS

RESEARCH & EXPLOITS

Syncing payloads from secure server...

ACCESS_ALL_PROJECTS

BUGS_FOUND

CVES_FILED

PROGRAMS_JOINED

// SERVICES

What I Do

Specialized capabilities in offensive security and AI engineering.

[OFFENSIVE]

Security Research

Vulnerability research, exploit development, and responsible disclosure. Web and application pentesting following OWASP Top 10, with detailed PoCs and advisory reports.

[AI_SEC]

AI & LLM Security

Prompt injection testing, adversarial input analysis, and attack path documentation between AI systems and identity flows. Securing LLMs for production use.

[AI_DEV]

AI Development & Integration

Building LLM-powered tools with RAG pipelines, threat detection models, and agentic automation. From prototype to production-grade AI systems.

[BACKEND]

Secure Backend Engineering

REST APIs with Django and FastAPI, JWT auth, role-based access control, and SIEM integration. Dockerized deployments with zero-trust policies.

// ABOUT

About Me

Security Engineer

OPERATOR_PROFILE

I'm a Security Engineer focused on identifying and exploiting real-world vulnerabilities in web applications and APIs. Experienced in penetration testing, vulnerability assessment, and analyzing application logic flaws across modern systems. With a strong full-stack development background (Django, React, REST APIs), I understand how applications are designed, secured, and where they fail. This allows me to approach security from both an attacker and builder perspective.

Currently working across web, API, and AI/LLM security, with a strong full-stack background that helps me understand application design, backend logic, authentication flows, and attack surfaces more deeply. My work combines offensive and defensive security testing, vulnerability validation, and automation to identify real-world risks in modern applications.

Security

›Vuln Research

›Exploit Dev

›OWASP Top 10

›Burp Suite

›API SECURITY

AI & LLM

›LangChain

›RAG

›Prompt Injection

›PyTorch

›Hugging Face

Systems

›Linux Internals

›Docker

›PostgreSQL

›SIEM

›Zero-Trust

Development

›Python

›FastAPI

›Django REST

›TypeScript

›Next.js

// EXPERIENCE

Work History

Professional timeline and certifications.

Cyber Security Engineer

Talrop

Apr 2024 – Present

›Performed web and API security testing using Burp Suite and custom Python scripts to identify vulnerabilities in authentication, authorization, input handling, and application logic.

›Conducted security assessments for AI/LLM systems, including prompt injection, jailbreak scenarios, and data leakage risks.

›Built Python automation for reconnaissance, endpoint discovery, and vulnerability validation.

›Used my full-stack development background to analyze how backend systems, APIs, and user flows behave under attack.

›Worked on both offensive and defensive security approaches in controlled Docker-based environments to simulate realistic attack scenarios.

Full Stack Developer

Steyp

Apr 2022 – Mar 2024

›Built REST APIs with Django and PostgreSQL, adding JWT auth and role-based access control

›Fixed SQL injection, XSS, and auth bypass vulnerabilities using OWASP guidance and targeted tests

›Tuned database queries and backend performance on Linux servers to reduce latency

EDUCATION

BCA (Bachelor of Computer Applications)

Pilathara Co-op Arts & Science College

June 2022 – March 2025

CERTIFICATIONS

✓Cisco Certified Ethical Hacker (2026)

✓Cisco CyberThreat Management (2025)

✓Cyber Security Internship (2025)

✓DevOps Engineer (2025)

✓Web App Developer (2025)

✓Backend Developer (2024)

// TESTIMONIALS

What People Say

Feedback from collaborators and clients.

Yogesh Kothiya

Project Manager

Adithyan's work on integrating AI into our security pipeline was outstanding. His deep understanding of both offensive security and LLMs made our vulnerability detection system truly next-gen.

Naincy Kumari

Senior Developer

Working with Adithyan was an exceptional experience. His ability to translate complex AI concepts into production-ready code is remarkable. The voice assistant project exceeded all expectations.

Salil Rana

Tech Lead

Adithyan delivered a robust penetration testing tool that significantly improved our security posture. His expertise in both AI and cybersecurity is a rare and valuable combination.

Priya Sharma

CTO, StartupX

The RAG-based security analysis tool Adithyan built for us has been a game-changer. Fast, accurate, and beautifully engineered. Highly recommended for any AI or security project.