I’m Nash N Sulthan — a security engineer who has spent 8+ years on the offensive side of cybersecurity, finding the cracks that scanners miss and the flaws that keep CISOs up at night.

My work sits at the intersection of penetration testing, red teaming, application security, and DevSecOps. I’ve tested everything from web applications and APIs to mobile apps, cloud infrastructure, servers, firewalls, and network devices — and I’ve built the tools to automate much of it.

The Short Version

I find vulnerabilities in systems before attackers do. I’ve reported critical flaws in national e-voting systems, bypassed admin authentication on fintech platforms protecting millions of users, and built AI-powered vulnerability scanners that ship as part of a commercial SaaS platform.

I write code in Python, Golang, and Bash. I work across AWS, Azure, and GCP. I set up Wazuh SIEM deployments, design secure CI/CD pipelines with Terraform and GitHub Actions, and harden Kubernetes clusters. I understand compliance frameworks like PCI-DSS, NIST 800-53, ISO 27001, and GDPR — not just as checklists, but as engineering constraints.

Speaking

I’ve spoken on network security and cybersecurity at ISRO’s Vikram Sarabhai Space Centre (VSSC) — India’s premier space research centre — and led hands-on workshops at Seasides Conference in Goa and OWASP Kerala on threat hunting and offensive security techniques.

Community

I believe security gets better when knowledge is shared freely:

Education

B.Tech in Computer Science and Engineering College of Engineering Perumon, Kerala

Get in Touch

I’m available for penetration testing engagements, security consulting, DevSecOps implementation, and security training workshops.

Find me on GitHub, LinkedIn, and X. I go by shadowpi_ in the security community.

You can also reach me at [email protected].