Nishant Sharma

Nishant Sharma

Product Builder | Cybersecurity Trainer | Project Manager

About Me

Hello! I'm Nishant Sharma. I am an experienced team leader with proven track record in building and managing cost-effective, efficient remote technical teams.

I hold 10+ years of expertise in Cybersecurity R&D, and 5+ years in content/lab development. My work has impacted thousands of students and professionals in over 125+ countries.

I was an early employee at Pentester Academy and was instrumental in scaling it to a successful acquisition.

Professional Skills

Cybersecurity Education
Master
Team Building & Management
Expert
DevSecOps Practices
Advance
WiFi & Cloud Security
Master
Architecture & Code Security Review
Expert
Startup Operations and Operation Optimization
Expert

Work Experience

Director, Lab Platform at INE.com
Oct, 2021 - Present
  • Working closely with Senior Leadership Team to set objectives to create and deliver development/content roadmap.
  • Managing hiring and daily operations for 12+ people Technical team remotely working from India.
  • Adopting DevSecOps practices.
  • Guiding team to create cutting edge labs on Supply Chain Attacks, Windows Active Directory and Azure Active Directory topics.
  • Reduced operational cloud expenses of the lab platform by 25%.
  • Led multiple initiatives to build in-house monitoring, marketing and analystics portals.
  • Conducted 8+ presentations/trainings/workshops in Blackhat, DEF CON, RootCon and OWASP Seasides to promote brand visibility.
  • Led team in development and release of 4 open source tools to community.
  • Led team to create 200+ labs for Azure, GCP and AWS cloud training.
  • Increased engineering team size 4x (i.e. from 4 to 16 members) within 4 months of Pentester Academy by INE.
  • Coded Azure Playground Labs and Azure based GNS3 Networking Labs.
  • Migrated 200+ old eLS legacy labs to PTA lab platform improving uptime and reduced failures/errors by 80%.
  • Conducted knowledge transfer/sharing sessions with instructors and cross developer teams.
    • Head, Research and Development at Pentester Academy (Acquired by INE.com)
    Nov, 2015 - Oct, 2021
  • Played pivotal role in Pentester Academy's growth by contributing in all aspects ranging from Products Development, Sales, Marketing directly working with Founder/CEO Mr. Vivek RamaChandran and eventually in its acquisition by INE.
  • Lead multiple initiatives like Hacker Arsenal, PA YouTube channel, and AttackDefense
  • Lead 6 member content creation team to build 2000+ challenges in 125+ infosec sub-topics for AttackDefense
  • Delivered 6+ paid training, 15+ tools/talks in top conferences (Blackhat, DEF CON, HiTB, RootCon, OWASP NZ), and 10+ live boot camps online.
  • Developed and released 6 open source tools.
  • Developed course content and labs for courses.
    • Member of Technical Staff at Mojo Networks (Acquired by Arista Networks)
    June, 2014 - Oct, 2015
  • Developed upgrades/patches for WIPS and Mojo Networks WiFi Access Point platform.
  • Developed following Access Point features:
  • -- IPSec/EoGRE tunnels
  • -- IPv6 communication and QoS
  • -- 802.11r Fast BSS Transition Roaming
  • -- Client reporting feature and NTP time sync
    • Cyber Forensics Intern at KPMG, India
    May, 2013 - July, 2013
  • Recovered various digital pieces of evidence (in form of files, images, emails) as member of Data Evidence Recovery team.
  • Seized evidence, maintained Chain of Custody, recovered deleted data, submitted meaningful information to lawyers.
    • Technical Assistant at IIIT Delhi
    Aug, 2012 - May, 2014
  • Helped professors in conducting hands-on labs, evaluating assignments and conducting exams.

    • Trainings

  • Attacking and Defending AWS Cloud Environment, Blackhat USA 2022
  • Introduction to Azure Security, DEF CON 30 Workshops
  • Advanced WiFi Exploitation, Blackhat USA 2021
  • Advanced WiFi Exploitation, BSides Canberra 2021
  • Advanced Real-World Penetration Testing, BlackHat Asia 2020
  • Introduction to WiFi Security, Radio Frequency Village, DEF CON 28 (Recorded Video)
  • 1-day in-person workshop for ISEA and IIT Guwahati, 2020
  • 2-day virtual workshop for 350+ Govt. of India officials, 2020
  • Advanced WiFi Exploitation, Blackhat USA 2019
  • Advanced Real-World Penetration Testing, RootCon Philippines 2019
  • Advanced Real-World Penetration Testing, HiTB GSEC Singapore 2019
  • Advanced Real-World Penetration Testing, HiTB Amsterdam 2019
  • Advanced Real-World Penetration Testing, OWASP NZ Day 2019
  • Information Security Awareness (Private clients)
  • WiFi Pentesting Online Bootcamp (5 Batches)
  • Container Security Beginners Online Bootcamp (5 Batches)
  • DevSecOps Online Bootcamp (2 Batches)

    • Tools and Presentations

    Open Source Tools
    Research Presentations
  • AWSGoat: A Damn Vulnerable AWS Infrastructure, Blackhat USA 2022 Arsenal and DEF CON 30 Demolabs
  • AzureGoat: A Damn Vulnerable Azure Infrastructure, Blackhat USA 2022 Arsenal and DEF CON 30 Demolabs
  • ReconPal: Leveraging NLP for Infosec, RootCon Philippines 2020
  • Wi-Bear: Intelligent Autonomous Wi-Fi Honeypot Detection, BSides Canberra, 2019 (Contribution) (Recorded Video)
  • AD VoIP Toolkit: VoIP Analysis Wireshark Plugins, Blackhat Asia 2019 Arsenal
  • WiCy: Monitoring 802.11ac Networks at scale, HiTB Amsterdam Haxpo 2019 (Recorded Video)
  • VoIPShark: Open Source VoIP Analysis Platform, DEFCON China main stage and Demolabs 2019 (Recorded Video)
  • Developing Access Point Rootkits, Wireless Village, DEF CON 27 (Recorded Video)
  • Writing Wireshark Plugins for Security Analysis, Radio Frequency Village, DEF CON 28
  • Writing Wireshark Plugins for Security Analysis, Infosec In The City 2020, Singapore (Recorded Video)
  • Writing Wireshark Plugins for Security Analysis, Radio Frequency Village, DEF CON 27
  • Hunting Threats with Wireshark Plugins, RootCon Philippines 2019 (Recorded Video)
  • BLEMystique: Affordable Custom BLE Target, Blackhat USA 2018 Arsenal and DEFCON 26 Demolabs
  • PA-Toolkit: Wireshark Plugins for Pentesters, Blackhat USA 2018 Arsenal and DEFCON 26 Demolabs
  • Deceptacon: Deception in WiFi, Radio Frequency Village, DEFCON 25
  • Wimonitor: OpenWRT package for remote sniffing, DEFCON 25 Demolabs
  • IIDS: IoT Intrusion Detection System, IoT Village, DEFCON 25
  • WiDy: WiFi 0wnage under $5, Blackhat Asia 2017 Arsenal and DEFCON 25 Demolabs
    • Podcasts
    Discovered Vulnerabilities/Issues
  • CVE-2020-24263, Score: 8.8 HIGH
  • CVE-2020-24264, Score: 9.8 CRITICAL
  • AV evasion vulnerability on Bitdefender's flagship complete PC protection "Bitdefender Total Security 2018" product.
  • Security and Privacy issues in Ola's in-cab WiFi offering (OLA play). Problem was not in the implementation but with the design/architecture.
    • Academic Research

    Professional Chronicles

    Blackhat Arsenal Presentation 2022 Blackhat AWS Training 2022 Pentester Academy Booth RSA Singapore DEF CON Radio Frequency Hacking Village HiTB Amsterdam WiCy Pentester Academy Booth Blackhat Asia DEF CON China Mainstage RootCon Philippines Mainstage Pentester Academy Booth RootCon Philippines
    ×

    Research Talk Playlist

    Education

    Master of Technology (Information Security) from IIIT Delhi
    2012 - 2014
  • Member of Student Council
  • Top 10 Finalist of Infosys Hashers (National Coding Competition) 2012, over 450+ teams from premier colleges participated.
  • Member of Cryptology group
  • Grade: 9 (out of 10)
    • Bachelor of Technology (Computer Science) from Himachal Pradesh University
    2008 - 2012
  • Member of Organizing committee of Technical festival
  • Grade: Hons (Ist Division)
    • Secondary and Senior School Education from Jawahar Navodaya Vidyalaya (CBSE)
    2001 - 2008
  • Scored 87.8% in 10th and 82.3% in 12th (PCM)