Skip to content

Botta Sai Prasad

Junior VAPT Analyst • Nellore, Andhra Pradesh, India • s***********@gmail.com • +91*******626 • drivetube.ai/•••••

Professional Summary

Junior VAPT Analyst with 2+ years of experience in Web, Mobile Application, and Network security testing. Skilled in vulnerability assessment and penetration testing (black-box and white-box), static analysis for mobile apps, CVSS v4.0 scoring, security reporting, and remediation validation. Seeking a Junior VAPT Analyst role to apply hands-on testing experience and improve application security posture.

Technical Skills

Web Technologies: REST APIs
Testing: Vulnerability Assessment and Penetration Testing VAPT,Black Box Testing,White Box Testing,Static Analysis,Dynamic Analysis,Functional Security Testing,CVSS v4.0 Scoring,OWASP WSTG,OWASP Top 10,OWASP MASTG,MASVS L2,CWE Top 25
Tools and Methodologies: Burp Suite,OWASP ZAP,Nmap,Nessus,OpenVAS,Nikto,SQLMap,Metasploit,Wireshark,Nuclei,Acunetix,AppScan
Mobile & Reverse Engineering: JADX,MobSF,Android static analysis,Mobile application security testing
Web & Network Fundamentals: HTTP,Web technologies HTML, JavaScript,Network scanning and enumeration,Network vulnerability assessment
Reporting & Governance: Security assessment reporting,Remediation validation,Risk analysis and prioritization

Work Experience

Vaeto Technologies Private Limited
Remote
Application VAPT Security Engineer Intern
May 2026 – Present
Performed application and mobile security assessments for client web and Android applications; delivered vulnerability reports and remediation validation.
Tech Stack: Burp Suite, OWASP ZAP, Nuclei, SQLMap, JADX, MobSF, Nmap, Nessus, OpenVAS, Nikto
  • Led security assessments for 8 web applications using manual testing and tools (Burp Suite, OWASP ZAP, Nuclei) and delivered technical reports with CVSS v4.0 scoring and prioritized remediation recommendations.
  • Performed static analysis and dynamic testing on 2 Android mobile applications using JADX and MobSF; identified insecure storage and exposed API keys and validated remediations in follow-up scans.
  • Executed black-box and white-box testing workflows, leveraging SQLMap and Nikto to detect SQL injection and XSS issues and provided reproducible proof-of-concept steps for developers.
  • Automated reconnaissance and initial triage using Nmap, Nessus, OpenVAS and Nuclei to accelerate discovery and reduce manual verification effort across engagements.
  • Prepared structured security assessment reports and remediation tickets with reproduction steps, severity classification, and verification guidance; supported clients through remediation validation cycles.
  • Contributed test cases and templates to the Web Application VAPT Playbook to standardize vulnerability reproduction steps and reporting across assessments.
Cyberensis Infosec
Remote
Cybersecurity Business Development Intern
Mar 2026 – Apr 2026
Combined technical VAPT activities with business development support to produce client proposals and marketing content for an information security firm.
Tech Stack: Burp Suite, OWASP ZAP, SQLMap, Nmap, Nessus, OpenVAS
  • Performed VAPT on 1 web application using Burp Suite, SQLMap and OWASP ZAP and authored a prioritized assessment report with CVSS v4.0 scoring and mitigation guidance.
  • Conducted network vulnerability assessment for 1 client environment with Nmap, Nessus and OpenVAS; identified misconfigurations and recommended patching and segmentation.
  • Created technical content for client-facing PPTs and proposals to clarify service scope and technical approach for prospects.
  • Produced 56 cybersecurity posters, 12 AI-generated videos and 15 technical blog posts to increase brand visibility and explain security offerings.
  • Supported lead generation through 100+ cold calls, prospect qualification and follow-ups, contributing to the firm’s client acquisition efforts.
  • Validated remediation with short verification scans and updated final reports to reflect fixed issues and residual risks.
Frontlines Edutech Pvt Ltd
Remote
Technical Assistance Support Intern
Aug 2025 – Sep 2025
Provided technical support for instructor-led cybersecurity training sessions and hands-on labs for large learner cohorts.
Tech Stack: Burp Suite, MobSF, JADX
  • Supported live cybersecurity training sessions for cohorts of 230+ learners by providing hands-on lab assistance and in-session technical support.
  • Troubleshot and resolved technical issues across cybersecurity tools and virtual labs to minimize session downtime and interruptions.
  • Assisted learners with conceptual and practical questions, clarifying lab exercises and correct tool usage during sessions.
  • Documented common technical issues and step-by-step troubleshooting guidance to streamline support for subsequent training batches.

Education

Audisankara University, Gudur
Diploma in Electronics and Communication Engineering • Gudur, Andhra Pradesh, India • 2021 – 2023
Zilla Parishad High School, Kaligiri - 8.2
Secondary School Certificate • Kaligiri, Andhra Pradesh, India • 2020 – 2021

Certifications

Certified Associate Penetration Tester (CAPT) — Hackviser

Achievements

  • Responsible vulnerability disclosures to small organizations: Identified and responsibly disclosed vulnerabilities including SQL Injection, Cross-Site Scripting, insecure file upload, price manipulation flaws, and exposed credentials/API keys to small-scale organizations.

Powered by Drivetube · Create your own profile at drivetube.ai