Experience Projects Skills Certs Achievements Contact
Available for engagements

Hello, I'm
Prabhat Kumar
Thakur

|

Cybersecurity professional specialising in web, API and network penetration testing. CTF champion & hands-on trainer based in Kathmandu, Nepal.

Prabhat
0yr+

Professional Experience

0

Certifications

0x

CTF Champion

0hr+

Training Delivered

Experience

Offensive Security Analyst

Cryptogen Nepal Pvt. Ltd.

Naxal, Kathmandu

Dec 2024 – Present
  • Conduct vulnerability assessments and penetration testing on web applications, APIs, and internal networks.
  • Deliver technical and executive reports with findings, business impact, and remediation guidance.
  • Collaborate with client teams to verify and remediate identified vulnerabilities.
  • Leverage Burp Suite, OWASP ZAP, SQLMap, and custom tooling for offensive assessments.

Cybersecurity Trainer · Part-Time

Texas College of Management & IT

Chabahil, Kathmandu

Jan – Feb 2026
  • Delivered a 50+ hour hands-on training program for undergraduate students.
  • Covered Linux, networking, web security, reconnaissance, and ethical hacking methodology.
  • Ran labs using Kali Linux, Nmap, DVWA, and OWASP Juice Shop.
  • Taught OWASP Top 10, SQL Injection, and XSS through live practical examples.
  • Mentored students on cybersecurity career paths and lab setup.

Projects

Subdomain Finder

A Python-based reconnaissance tool for passive subdomain enumeration. Automates the discovery of subdomains associated with a target domain — a core step in the external attack surface mapping phase of a pentest.

Python Reconnaissance OSINT

Image Steganography

A Django web application that implements image steganography — embedding hidden data inside image files. Demonstrates data concealment techniques used in covert communication and digital forensics analysis.

Python Django Steganography Forensics

File Encryption & Decryption

A Python tool for symmetric file encryption and decryption. Applies cryptographic principles to protect sensitive files at rest — relevant to data protection, secure storage, and understanding ransomware attack mechanics.

Python Cryptography Security

Skills & Tools

Security Testing

Web Penetration Testing API Security Testing Network Pentesting Vulnerability Assessment OWASP Top 10 SQL Injection XSS IDOR

Tools

Burp Suite OWASP ZAP Metasploit Nmap SQLMap Nuclei Kali Linux Wireshark

Labs & Training

DVWA OWASP Juice Shop TryHackMe HackTheBox CTF Design Linux Networking

Certifications

CRTA

Certified Red Team Analyst

CyberWarFare Labs

Sep 2025
ACP

APIsec Certified Practitioner

APIsec University

Aug 2025
BTJA

Blue Team Junior Analyst

Security Blue Team

Aug 2025
CNSP

Certified Network Security Practitioner

The SecOps Group

Jan 2026
CASA

Certified API Security Analyst

APIsec University

Apr 2026

Achievements

CTF Wins

🥇

PTN CTF 2025

PenTester Nepal · Aug 2025

🥇

Softwarica CTF 2024

Softwarica College of IT and E-Commerce · May 2024

🥇

Batch 34 Softwarica CTF 2023

Softwarica College of IT and E-Commerce · Oct 2023

Community

CTF Challenge Designer & Host

Nov & Feb 2025

Hack South West — Exeter, UK

  • Designed and managed challenges for an international CTF.
  • Supported participants and coordinated event deployment.

National Cyber Drill 2081 — CTF Associate

Apr 2025

NCSC Nepal — Kathmandu

  • Facilitated CTF and awareness training for government IT workers.
  • Demonstrated real-world attack and defensive scenarios.
  • Advised on secure data handling, hardening, and cyber hygiene.

Education

BSc (Hons) Ethical Hacking and Cybersecurity

Softwarica College of IT and E-Commerce

Kathmandu, Nepal

Mar 2023 – Mar 2026

Let's Work Together

Available for penetration testing engagements, security consulting, and training. Let's talk about how I can help secure your systems.