Profile banner
Devansh Bordia

Devansh Bordia

Cloud and application security engineer and vulnerability researcher

Jaipur, India
theorg+1
Joined February 2026
Favicon imagegithub.com
Favicon imagemedium.com
Favicon imagebugcrowd.com
Favicon imagelinkedin.com
Favicon imagetwitter.com
Favicon imagedevanshbordia.me

Network

13.4K connections
🎯
Bug Bounty Hunters
😈
Offensive Security Experts
👑
Security Founders Leaders
🌐
HackerOne Ecosystem
🤖
AI Security Innovators
🤝
Cyber Community

Summary

Focused on cloud security and AWS misconfigurations: Devansh publishes technical guidance and tooling reviews that dig into AWS core services (IAM, Lambda, EC2, API Gateway) and misconfiguration-based attack paths, emphasizing enumeration and remediation. detectify+2
Active application-security researcher and exploit author: he has published practical proof-of-concepts and vulnerability writeups (including a CSRF exploit submitted to Exploit-DB/CVE) and participates in bug-bounty programs. exploit-db+2
Practitioner of mobile and application pentesting: contributed an iOS pentesting guide and writes about static and dynamic analysis tooling and jailbreak usage for offensive testing. strike+1
Community educator and communicator: regularly shares technical content (blog posts, guides), appears on podcasts and video interviews, and contributes to community-facing resources about cloud security and career development in security. spotify+2

Work

Education

Projects

Writing

An in-depth guide to subfinder: beginner to advanced

February 1, 2023

A comprehensive guide to subdomain enumeration using subfinder, covering installation, usage, advanced options and integrations.

Favicon imageprojectdiscovery.io

Insider Threats as Biggest Risk

October 1, 2022

Article covering insider threat types, detection approaches and mitigation strategies.

Favicon imagetrickest.com

CodeShield: Cloud Asset Inventory & Privilege Escalation Toolkit

August 1, 2022

Medium post reviewing CodeShield, describing IAM privilege escalation detection and cloud asset inventory capabilities.

Favicon imagemedium.com

Common security vulnerabilities in Core AWS services: Exploitation and mitigation

July 1, 2022

A long-form guide that surveys common misconfigurations and vulnerabilities across core AWS services and recommended mitigations for cloud security assessments.

Favicon imagelabs.detectify.com

CSRF in ICEHRM 31.0.0.0S in Delete User Endpoint

April 1, 2022

Medium writeup documenting a CSRF vulnerability in ICEHRM allowing arbitrary user deletion and an exploit proof-of-concept.

Favicon imagemedium.com

Exploiting IAM Vulnerabilities in AWS

July 1, 2021

Detailed blog post walking through IAM enumeration, common IAM misconfigurations, exploitation examples and remediation advice for AWS accounts.

Favicon imagepayatu.com

Beginner's guide to iOS pentesting: tools, setup, and techniques

A practical guide to setting up an iOS pentesting environment and workflows for static and dynamic analysis.

Favicon imagestrike.sh

Hobbies

Bug bounty hunting and security research. bugcrowd+2