Mukul Joshi
HANDLE: CYB3RFY·Pune, IN
SUBJECT FILE
Cybersecurity researcher and CTF competitor with podium finishes at CTFQuest '26 (1st), H7CTF (2nd, top 0.2%), and DY Patil Offline CTF (2nd). Currently a Research Intern at Fenrir Security, focused on web application penetration testing, prompt engineering, and AI-driven security tooling. Operates the CYB3RFY YouTube channel — 90+ instructional videos on web exploitation and CTF methodology. Secretary of the ISDF cybersecurity club at AIT Pune; directed the Bypass CTF (542 teams).
EDUCATION
Army Institute of Technology (AIT)
Pune, MaharashtraBachelor of Engineering, Computer Science — Expected June 2027August 2023 — Present
EXPERIENCE
Fenrir Security Pvt Ltd
RemoteCybersecurity Research InternFebruary 2026 — May 2026
- Executed penetration testing on web applications and designed AI-driven custom skill files utilizing prompt engineering, increasing the efficiency of automated vulnerability detection.
- Programmed custom Python and Bash scripts to automate reconnaissance, network enumeration, and payload delivery workflows.
CopperCloud IOTech Pvt Ltd
Pune, MaharashtraIntern, IoT SecurityApril 2025 — July 2025
- Deployed secure IoT architectures for Industry 4.0 applications, fortifying system resilience through hands-on hardware implementation and rigorous security audits.
PROJECTS
Content Creation, Community BuildingAugust 2024 — Present
- Grew an educational cybersecurity community to 360+ subscribers across 90+ technical videos on web exploitation, CTFs, and practical hacking.
Multi-Agent AI Bug Bounty Framework
Python, Bash, Security Automation2025 — Present
- Architected a Lead/Worker multi-agent LLM framework across a 5-phase test pipeline: reconnaissance, endpoint mapping, structured testing, validation, and reporting; earned a $250 HackerOne bounty for an Account/Org takeover via OAuth Device-Grant phishing.
- Engineered automated recon with source-map recovery, webpack chunk enumeration, GraphQL introspection, and CDP dual-session browser automation; deployed on programs including HubSpot, Twilio, Toyota Motor Europe, HDFC, and Groww across HackerOne, Intigriti, and BugBase.
TECHNICAL SKILLS
- LANGUAGES
- Python, JavaScript, C/C++, HTML/CSS, Bash, SQL
- SECURITY TOOLS
- Burp Suite, Nmap, Metasploit, Wireshark, SQLmap, Hydra, Gobuster, Postman, Chrome DevTools Protocol (CDP)
- SECURITY DOMAINS
- Web Exploitation, Bug Bounty Research, REST API Testing, Penetration Testing, Digital Forensics, OSINT, IoT Security
- AI & AUTOMATION
- Multi-Agent LLM Orchestration, Prompt Engineering, Claude, Gemini, GitHub Copilot
- DEVELOPER TOOLS
- Git, GitHub, Linux (Kali, Windows, Ubuntu)
- PLATFORMS
- HackerOne, Intigriti, BugBase
POSITIONS OF RESPONSIBILITY
Secretary — Information Security and Digital Forensics (ISDF) Club
Army Institute of Technology, PuneJuly 2025 — Present
- Mentored a core committee of 40 juniors to manage a community of 1,500+ members, and presented technical workshops on forensics, steganography, and web exploitation to 200+ students.
- Directed the organization of Bypass CTF, a 36-hour hybrid competition featuring 542 teams online and a top-30 offline finale.
ACHIEVEMENTS
- PLATFORMS & TEAMS:Top 1% on TryHackMe; active member of Team Tracebash (Top 10 in India on CTFtime).
- PODIUM FINISHES:1st Rank in CTFQuest '26; 2nd Rank at H7CTF (Top 0.2%) and DY Patil Offline CTF; 3rd Rank at Code Intrusion CTF (IIIT Bhagalpur) and SCIT CyberON CTF.
- NOTABLE RANKINGS:5th Rank at Lakshya CTF; 6th Rank at Trinetra CTF qualifying for the offline finale at Shiv Nadar University; 11th Rank at Vishwa CTF Mini.
- FULL OPERATIONS LOG →
EXTRACURRICULAR
Instrumentalist and Musician (Flute, Ukulele)
Army Institute of Technology, PuneAugust 2023 — Present
- Performed at intercollegiate music events, collaborating with peers and utilizing technical audio workflows to record, layer, and mix musical covers.
cyb3rfy.me