Aaditya Purani is an Independent Security Researcher. Aaditya’s primary areas of expertise are web application penetration testing, mobile application penetration testing, product security reviews, and source code review including reverse engineering.
He actively contributes to responsible disclosure programs and is included in the hall of fames for Google, Apple, and AT&T – He has helped and consulted Fortune-100 companies for helping them fix their security issues. Aaditya also participates in capture the flag (CTF) competitions which is Information security synonym to programming ACM ICPC. As a researcher, his most famous findings include Brave Browser Address Bar Spoofing, WordPress Mobile Detector Code Execution, and Apple Beats Account Takeover. As a writer and journalist, Aaditya has authored articles for InfoSec Institute, Buzzfeed, Hackin9, and DailyO.
As a CTF player, he has successfully played more than 150+ CTFs and emerged out as winner in BSides DFW, BSides SF and GCCS 2017 where he was also awarded by Prime Minister of India Hon. Narendra Modi & Prime Minister of Srilanka Hon. Ranil Wickremesinghe.
Aaditya worked as an iOS and PHP developer intern with Space-O Technologies. During this time, he developed TwitterMasher, an application that helps enterprises manage their social media presences. He was also a lead penetration tester at HackerLedge, where he consulted organizations on potential vulnerabilities. In 2017, he interned at Bishop Fox as security analyst & in 2018 summer he interned at Palo Alto Networks as a Threat Research Engineer. Apart from that, he is currently independently researching on blockchain security such as Ethereum Smart contract.
In his free time, you can find him either exploring new places, and practicing photography.