Kapil Gurav

Mobile and embedded security consultant and penetration tester

KapilGurav

Joined February 2026

payatu.com

github.com

Network

16.8K connections

DBVBRS

FADGAA

DBSKYK

PKVCSY

DBCKSB

AMRWSG

DBHMSS

Summary

Mobile and iOS security practitioner — authors technical guides and delivers talks on iOS reversing, runtime manipulation, and mobile pentesting techniques, with hands-on experience in LLDB, runtime instrumentation, and app architecture. payatu+2

Full-spectrum assessor of applications, embedded systems and firmware — conducts security assessments spanning Web, API, mobile and hardware/firmware, and is credited in community/industry acknowledgements related to firmware and binary reverse engineering. payatu+1

Tool and lab creator for learning — contributed to and co-developed intentional-vulnerability projects (BugBazaar / iBugBazaar) used for mobile appsec training and hands-on skill building. github+1

Community-oriented researcher and bug bounty participant — active in public security communities, speaks at webinars, and has documented bug-hunting success (multiple Hall of Fame mentions and community MVP recognition). youtube+2

Work

Projects

Writing

Device Setup and Barriers

October 1, 2023

E-book covering device configuration and common barriers encountered during Android and iOS mobile app penetration testing, including tools and procedures to prepare test devices.

payatu.com

LLDB's Runtime Manipulation: A Guide to Advance Debugging and Optimization

April 1, 2023

A technical guide on using LLDB for runtime manipulation on iOS, covering ASLR offsets, breakpoints, register modification, and techniques useful for debugging and authorized pentesting (including authentication/jailbreak-detection bypass techniques in controlled environments).

payatu.com

Getting Started With the Basics of iOS Penetration Testing

June 1, 2022

An introductory article on iOS application penetration testing, covering iOS architecture, IPA structure, jailbreak concepts, and a high-level methodology for assessing iOS apps.

payatu.com

Hobbies

Interested in entrepreneurship and building security-focused products and ideas.

Devansh Bordia

Security Consultant at Strike

Ashish Mathur

Head of Cyber Security at TBO.COM

Krishna Gupta

Chief Executive Officer at OMVAPT

Aseem Shrey

Founder at ShipSecAI

Ajay P

Avkash Kathiriya

Sr. VP - Research and Innovation at Cyware

Kapil Gurav

Network

Summary

Work

Security Consultant : Co LeadPayatu2021–2024

Senior Product Security SpecialistIndependent / Freelancer

Senior Product Security SpecialistConfidential2024–Present

Red teamPentabug2023–Present

Security AnalystSuma Soft Pvt Ltd2020–2021

Security ConsultantAYN InfoTech Limited2019–2020

Security AnalystDRDO, Ministry of Defence, Govt. of India2019–2019

Projects

iBugBazaar (iOS)

BugBazaar (Android & iOS)

Writing

Device Setup and Barriers

LLDB's Runtime Manipulation: A Guide to Advance Debugging and Optimization

Getting Started With the Basics of iOS Penetration Testing

Hobbies

Interested in entrepreneurship and building security-focused products and ideas.

Similar profiles

Devansh Bordia

Ashish Mathur

Krishna Gupta

Aseem Shrey

Ajay P

Avkash Kathiriya

Devansh Bordia

Ashish Mathur

Krishna Gupta

Aseem Shrey

Ajay P

Avkash Kathiriya