Dibyajyoti Dutta

I am an OSCP-certified penetration tester with strong expertise in securing web applications, mobile applications, APIs, and AWS cloud environments. My work focuses not just on finding vulnerabilities, but on delivering measurable impact by preventing real financial, operational, and reputational damage for my clients.

I have led multiple end-to-end security assessments where my findings directly protected organizations from major risks. In one engagement, I identified a chain of access control flaws in a fintech platform serving over 500,000 users, preventing what could have been a large-scale account takeover incident and saving the company from potential financial losses and regulatory scrutiny. In another project, I uncovered critical IDOR and authentication issues in an e-commerce API processing millions of monthly transactions, helping the client avoid customer data exposure and protecting their brand reputation. My AWS security review for a SaaS client exposed misconfigured S3 buckets, and insecure deployment pipelines; fixing these issues eliminated high-risk attack vectors that could have led to complete infrastructure compromise.

I also conduct phishing simulations designed to measure and improve user resilience. One of my recent campaigns reduced employee click-through rates from 38% to 6%, significantly lowering the organization’s exposure to social engineering attacks and helping strengthen internal security culture.

My approach blends technical depth with clear communication, actionable reporting, and a strong focus on business value. Whether you need a thorough penetration test, a detailed cloud assessment, or a realistic phishing campaign, I bring reliability, professionalism, and results that genuinely strengthen your security posture.

My goal is simple: protect your systems, safeguard your data, and help your business stay resilient against real-world threats.