Aaditya Purani is an Independent Security Researcher. Aaditya’s primary areas of expertise are web application penetration testing, mobile application penetration testing, product security reviews, and source code review.
He actively contributes to responsible disclosure programs and is included in the hall of fame for Google, Apple, and AT&T. Aaditya also participates in capture the flag (CTF) challenges and is one of the core team members of DCUA (DefCon-UA), which was the world’s leading white hat CTF team in 2016. He has competed in MIT CTF, CSAW CTF, GCCS Finals on-site events. As a researcher, his most famous findings include Brave Browser Address Bar Spoofing, WordPress Mobile Detector Code Execution, and Apple Beats Account Takeover. As a writer, Aaditya has authored articles for InfoSec Institute, Buzzfeed, Hackin9, and DailyO.
Aaditya worked as an iOS and PHP developer intern with Space-O Technologies. During this time, he developed TwitterMasher, an application that helps enterprises manage their social media presences. He was also a lead penetration tester at HackerLedge, where he consulted organizations on potential vulnerabilities. During summer of 2016, he did internship with Bishop Fox. Currently, he is interning at Palo Alto Networks as a Threat Research Engineer in Santa Clara, CA.