Nishant Sharma

Product Builder | Cybersecurity Trainer | Project Manager

About Me

Hello! I'm Nishant Sharma. I am an experienced team leader with proven track record in building and managing cost-effective, efficient remote technical teams.

I hold 10+ years of expertise in Cybersecurity R&D, and 5+ years in content/lab development. My work has impacted thousands of students and professionals in over 125+ countries.

I was an early employee at Pentester Academy and was instrumental in scaling it to a successful acquisition.

Professional Skills

Cybersecurity Education
Master
Team Building & Management
Expert
DevSecOps Practices
Advance
WiFi & Cloud Security
Master
Architecture & Code Security Review
Expert
Startup Operations and Operation Optimization
Expert

Work Experience

Director, Lab Platform at INE.com
Oct, 2021 - Present
  • Working closely with Senior Leadership Team to set objectives to create and deliver development/content roadmap.
  • Managing hiring and daily operations for 12+ people Technical team remotely working from India.
  • Adopting DevSecOps practices.
  • Guiding team to create cutting edge labs on Supply Chain Attacks, Windows Active Directory and Azure Active Directory topics.
  • Reduced operational cloud expenses of the lab platform by 25%.
  • Led multiple initiatives to build in-house monitoring, marketing and analystics portals.
  • Conducted 8+ presentations/trainings/workshops in Blackhat, DEF CON, RootCon and OWASP Seasides to promote brand visibility.
  • Led team in development and release of 4 open source tools to community.
  • Led team to create 200+ labs for Azure, GCP and AWS cloud training.
  • Increased engineering team size 4x (i.e. from 4 to 16 members) within 4 months of Pentester Academy by INE.
  • Coded Azure Playground Labs and Azure based GNS3 Networking Labs.
  • Migrated 200+ old eLS legacy labs to PTA lab platform improving uptime and reduced failures/errors by 80%.
  • Conducted knowledge transfer/sharing sessions with instructors and cross developer teams.
  • Head, Research and Development at Pentester Academy (Acquired by INE.com)
    Nov, 2015 - Oct, 2021
  • Played pivotal role in Pentester Academy's growth by contributing in all aspects ranging from Products Development, Sales, Marketing directly working with Founder/CEO Mr. Vivek RamaChandran and eventually in its acquisition by INE.
  • Lead multiple initiatives like Hacker Arsenal, PA YouTube channel, and AttackDefense
  • Lead 6 member content creation team to build 2000+ challenges in 125+ infosec sub-topics for AttackDefense
  • Delivered 6+ paid training, 15+ tools/talks in top conferences (Blackhat, DEF CON, HiTB, RootCon, OWASP NZ), and 10+ live boot camps online.
  • Developed and released 6 open source tools.
  • Developed course content and labs for courses.
  • Member of Technical Staff at Mojo Networks (Acquired by Arista Networks)
    June, 2014 - Oct, 2015
  • Developed upgrades/patches for WIPS and Mojo Networks WiFi Access Point platform.
  • Developed following Access Point features:
  • -- IPSec/EoGRE tunnels
  • -- IPv6 communication and QoS
  • -- 802.11r Fast BSS Transition Roaming
  • -- Client reporting feature and NTP time sync
  • Cyber Forensics Intern at KPMG, India
    May, 2013 - July, 2013
  • Recovered various digital pieces of evidence (in form of files, images, emails) as member of Data Evidence Recovery team.
  • Seized evidence, maintained Chain of Custody, recovered deleted data, submitted meaningful information to lawyers.
  • Technical Assistant at IIIT Delhi
    Aug, 2012 - May, 2014
  • Helped professors in conducting hands-on labs, evaluating assignments and conducting exams.
  • Trainings

  • Attacking and Defending AWS Cloud Environment, Blackhat USA 2022
  • Introduction to Azure Security, DEF CON 30 Workshops
  • Advanced WiFi Exploitation, Blackhat USA 2021
  • Advanced WiFi Exploitation, BSides Canberra 2021
  • Advanced Real-World Penetration Testing, BlackHat Asia 2020
  • Introduction to WiFi Security, Radio Frequency Village, DEF CON 28 (Recorded Video)
  • 1-day in-person workshop for ISEA and IIT Guwahati, 2020
  • 2-day virtual workshop for 350+ Govt. of India officials, 2020
  • Advanced WiFi Exploitation, Blackhat USA 2019
  • Advanced Real-World Penetration Testing, RootCon Philippines 2019
  • Advanced Real-World Penetration Testing, HiTB GSEC Singapore 2019
  • Advanced Real-World Penetration Testing, HiTB Amsterdam 2019
  • Advanced Real-World Penetration Testing, OWASP NZ Day 2019
  • Information Security Awareness (Private clients)
  • WiFi Pentesting Online Bootcamp (5 Batches)
  • Container Security Beginners Online Bootcamp (5 Batches)
  • DevSecOps Online Bootcamp (2 Batches)
  • Tools and Presentations

    Open Source Tools
    Research Presentations
  • AWSGoat: A Damn Vulnerable AWS Infrastructure, Blackhat USA 2022 Arsenal and DEF CON 30 Demolabs
  • AzureGoat: A Damn Vulnerable Azure Infrastructure, Blackhat USA 2022 Arsenal and DEF CON 30 Demolabs
  • ReconPal: Leveraging NLP for Infosec, RootCon Philippines 2020
  • Wi-Bear: Intelligent Autonomous Wi-Fi Honeypot Detection, BSides Canberra, 2019 (Contribution) (Recorded Video)
  • AD VoIP Toolkit: VoIP Analysis Wireshark Plugins, Blackhat Asia 2019 Arsenal
  • WiCy: Monitoring 802.11ac Networks at scale, HiTB Amsterdam Haxpo 2019 (Recorded Video)
  • VoIPShark: Open Source VoIP Analysis Platform, DEFCON China main stage and Demolabs 2019 (Recorded Video)
  • Developing Access Point Rootkits, Wireless Village, DEF CON 27 (Recorded Video)
  • Writing Wireshark Plugins for Security Analysis, Radio Frequency Village, DEF CON 28
  • Writing Wireshark Plugins for Security Analysis, Infosec In The City 2020, Singapore (Recorded Video)
  • Writing Wireshark Plugins for Security Analysis, Radio Frequency Village, DEF CON 27
  • Hunting Threats with Wireshark Plugins, RootCon Philippines 2019 (Recorded Video)
  • BLEMystique: Affordable Custom BLE Target, Blackhat USA 2018 Arsenal and DEFCON 26 Demolabs
  • PA-Toolkit: Wireshark Plugins for Pentesters, Blackhat USA 2018 Arsenal and DEFCON 26 Demolabs
  • Deceptacon: Deception in WiFi, Radio Frequency Village, DEFCON 25
  • Wimonitor: OpenWRT package for remote sniffing, DEFCON 25 Demolabs
  • IIDS: IoT Intrusion Detection System, IoT Village, DEFCON 25
  • WiDy: WiFi 0wnage under $5, Blackhat Asia 2017 Arsenal and DEFCON 25 Demolabs
  • Podcasts
    Discovered Vulnerabilities/Issues
  • CVE-2020-24263, Score: 8.8 HIGH
  • CVE-2020-24264, Score: 9.8 CRITICAL
  • AV evasion vulnerability on Bitdefender's flagship complete PC protection "Bitdefender Total Security 2018" product.
  • Security and Privacy issues in Ola's in-cab WiFi offering (OLA play). Problem was not in the implementation but with the design/architecture.
  • Academic Research

    Professional Chronicles

    ×

    Research Talk Playlist

    Education

    Master of Technology (Information Security) from IIIT Delhi
    2012 - 2014
  • Member of Student Council
  • Top 10 Finalist of Infosys Hashers (National Coding Competition) 2012, over 450+ teams from premier colleges participated.
  • Member of Cryptology group
  • Grade: 9 (out of 10)
  • Bachelor of Technology (Computer Science) from Himachal Pradesh University
    2008 - 2012
  • Member of Organizing committee of Technical festival
  • Grade: Hons (Ist Division)
  • Secondary and Senior School Education from Jawahar Navodaya Vidyalaya (CBSE)
    2001 - 2008
  • Scored 87.8% in 10th and 82.3% in 12th (PCM)