~/anand $ cat resume.txt
root@anandsreekumar.com
=======================
cybersecurity engineer · bug bounty hunter · hybrid athlete
socials
-------
linkedinlinkedin.com/in/anandsreekumaras
twittertwitter.com/anandsreekumar_
githubgithub.com/anandsreekumaras
instagraminstagram.com/anandsreekumaras
stackoverflowstackoverflow.com/users/5317663/anand-a-s
what i do
=========

cybersecurity engineer

@ ey global delivery services

independent bug bounty hunter

write-ups
=========
cloudflare workers and d1 as a stealthy c2 framework for data exfiltration
march 2025 | cloudflare · c2 · evasion
remote code execution via dependency confusion
march 2024 | rce · supply chain · h1
abusing graphql idor to delete another user's profile picture
july 2022 | graphql · idor
blind ssrf via dns rebinding
april 2022 | ssrf · dns rebinding
tools
-----
knockknock [2019]
bash script for ip/host filtering via http status codes
github.com/anandsreekumaras/knockknock
chromeshot [2019]
headless chrome tool for visual recon
github.com/anandsreekumaras/chromeshot
miscellaneous
-------------
first prize, c0c0n 2024 ctf — news coverage
talk at defcon dc0471 meetup 0x02 [september 2018] — event photos
contact
-------

mail@anandsreekumar.com

------------------------------------------------------------------------
(c) 2026 anand sreekumar · trivandrum, kerala