Botta Sai Prasad
Junior VAPT Analyst • Nellore, Andhra Pradesh, India • s***********@gmail.com • +91*******626 • drivetube.ai/•••••
Professional Summary
Junior VAPT Analyst with 2+ years of experience in Web, Mobile Application, and Network security testing. Skilled in vulnerability assessment and penetration testing (black-box and white-box), static analysis for mobile apps, CVSS v4.0 scoring, security reporting, and remediation validation. Seeking a Junior VAPT Analyst role to apply hands-on testing experience and improve application security posture.
Technical Skills
Web Technologies: REST APIs
Testing: Vulnerability Assessment and Penetration Testing VAPT,Black Box Testing,White Box Testing,Static Analysis,Dynamic Analysis,Functional Security Testing,CVSS v4.0 Scoring,OWASP WSTG,OWASP Top 10,OWASP MASTG,MASVS L2,CWE Top 25
Tools and Methodologies: Burp Suite,OWASP ZAP,Nmap,Nessus,OpenVAS,Nikto,SQLMap,Metasploit,Wireshark,Nuclei,Acunetix,AppScan
Mobile & Reverse Engineering: JADX,MobSF,Android static analysis,Mobile application security testing
Web & Network Fundamentals: HTTP,Web technologies HTML, JavaScript,Network scanning and enumeration,Network vulnerability assessment
Reporting & Governance: Security assessment reporting,Remediation validation,Risk analysis and prioritization
Work Experience
Vaeto Technologies Private Limited
Remote
Application VAPT Security Engineer Intern
May 2026 – Present
Performed application and mobile security assessments for client web and Android applications; delivered vulnerability reports and remediation validation.
Tech Stack: Burp Suite, OWASP ZAP, Nuclei, SQLMap, JADX, MobSF, Nmap, Nessus, OpenVAS, Nikto
- Led security assessments for 8 web applications using manual testing and tools (Burp Suite, OWASP ZAP, Nuclei) and delivered technical reports with CVSS v4.0 scoring and prioritized remediation recommendations.
- Performed static analysis and dynamic testing on 2 Android mobile applications using JADX and MobSF; identified insecure storage and exposed API keys and validated remediations in follow-up scans.
- Executed black-box and white-box testing workflows, leveraging SQLMap and Nikto to detect SQL injection and XSS issues and provided reproducible proof-of-concept steps for developers.
- Automated reconnaissance and initial triage using Nmap, Nessus, OpenVAS and Nuclei to accelerate discovery and reduce manual verification effort across engagements.
- Prepared structured security assessment reports and remediation tickets with reproduction steps, severity classification, and verification guidance; supported clients through remediation validation cycles.
- Contributed test cases and templates to the Web Application VAPT Playbook to standardize vulnerability reproduction steps and reporting across assessments.
Cyberensis Infosec
Remote
Cybersecurity Business Development Intern
Mar 2026 – Apr 2026
Combined technical VAPT activities with business development support to produce client proposals and marketing content for an information security firm.
Tech Stack: Burp Suite, OWASP ZAP, SQLMap, Nmap, Nessus, OpenVAS
- Performed VAPT on 1 web application using Burp Suite, SQLMap and OWASP ZAP and authored a prioritized assessment report with CVSS v4.0 scoring and mitigation guidance.
- Conducted network vulnerability assessment for 1 client environment with Nmap, Nessus and OpenVAS; identified misconfigurations and recommended patching and segmentation.
- Created technical content for client-facing PPTs and proposals to clarify service scope and technical approach for prospects.
- Produced 56 cybersecurity posters, 12 AI-generated videos and 15 technical blog posts to increase brand visibility and explain security offerings.
- Supported lead generation through 100+ cold calls, prospect qualification and follow-ups, contributing to the firm’s client acquisition efforts.
- Validated remediation with short verification scans and updated final reports to reflect fixed issues and residual risks.
Frontlines Edutech Pvt Ltd
Remote
Technical Assistance Support Intern
Aug 2025 – Sep 2025
Provided technical support for instructor-led cybersecurity training sessions and hands-on labs for large learner cohorts.
Tech Stack: Burp Suite, MobSF, JADX
- Supported live cybersecurity training sessions for cohorts of 230+ learners by providing hands-on lab assistance and in-session technical support.
- Troubleshot and resolved technical issues across cybersecurity tools and virtual labs to minimize session downtime and interruptions.
- Assisted learners with conceptual and practical questions, clarifying lab exercises and correct tool usage during sessions.
- Documented common technical issues and step-by-step troubleshooting guidance to streamline support for subsequent training batches.
Education
Audisankara University, Gudur
Diploma in Electronics and Communication Engineering • Gudur, Andhra Pradesh, India • 2021 – 2023
Zilla Parishad High School, Kaligiri - 8.2
Secondary School Certificate • Kaligiri, Andhra Pradesh, India • 2020 – 2021
Certifications
Certified Associate Penetration Tester (CAPT) — Hackviser
Achievements
- Responsible vulnerability disclosures to small organizations: Identified and responsibly disclosed vulnerabilities including SQL Injection, Cross-Site Scripting, insecure file upload, price manipulation flaws, and exposed credentials/API keys to small-scale organizations.
Powered by Drivetube · Create your own profile at drivetube.ai