+ edit
~/
~/about

~whoami

Security Researcher and Penetration Tester based in Goa, India. Specializing in Web3 security, VAPT, and OSINT intelligence operations.

I’m a dropout — not because I wanted to be, but because financial constraints made continuing impossible. That chapter closed, but it didn’t stop me. I picked up a laptop, started learning on my own, and got to work. No classroom, no shortcuts.

Today I do the same work that people with fancy degrees and certifications do — sometimes better, because every skill I have was earned through actual practice, not an exam. I’ve identified vulnerabilities that automated tools missed. I’ve traced threat actors across the dark web. I’ve audited smart contracts handling real money.

I don’t have a CISSP or an OSCP framed on a wall. I have results.

I plan to go back to formal education once I’m financially stable — not because I need a degree to do this work, but because I believe in finishing what I started. Until then, the work speaks.

~what i do

Web3 & Blockchain

  • Solidity smart contract auditing
  • DeFi vulnerability research — reentrancy, flash loans, oracle manipulation
  • dApp security, EVM logic analysis
  • Cross-chain bridge protocol review

Offensive Security

  • Manual VAPT — Web, API, Network
  • Custom exploit scripting in Python and JavaScript
  • Logic-based penetration testing (the bugs automated tools never find)
  • Red team operations under NDA

Intelligence

  • DarkWeb threat hunting and stealer log analysis
  • SOCMINT — social media intelligence and threat actor profiling
  • OSINT investigations — GEOINT, HUMINT correlation
  • LEA-grade reporting

~tools i’ve built

  • Pinaka — penetration testing framework for Web, Network, and API layers
  • Sentinel-Web3 — malicious wallet cluster monitor and DeFi threat signature tracker
  • SocMint-X — manual-first OSINT framework for deep-dive footprinting without triggering platform alerts
  • IntelScout — ransomware feed and recon automation (private)
  • FrontierWatch — automated OSINT/GeoINT monitor for regional threat activity
  • FenrirEye — open-source border risk monitoring system

~experience

Web3 Security Researcher — Remote (Budapest, Hungary) — Jan 2026 – Apr 2026 Deep-dive manual Solidity code reviews. DeFi logic analysis. Cross-chain bridge protocol assessment. Bug reports with full remediation steps.

Freelance Penetration Tester — March 2022 – Present Web application and network security assessments. Consistently finding critical vulnerabilities missed by automated scanners. 100% NDA adherence. Custom tooling for specialized targets.

Threat Intelligence / OSINT Analyst — August 2023 – Present Independent research. DarkWeb marketplace monitoring. Stealer log analysis. Proprietary SOCMINT methodologies for tracking threat communication channels.

~need dev work?

I focus on security. If you need software development — web apps, mobile, backend systems — I can refer you to trusted developers I’ve worked with directly. Good people who get things done.

Reach out and I’ll make the introduction.

~education

Bachelor of Computer Applications (BCA) — incomplete due to financial constraints. Self-taught in offensive security, blockchain development, and intelligence analysis since 2021. Continuing education planned when financial stability allows.

Chai4Me @0xprit3sh

// if my work helped you, buy me a chai ☕

// contact
emailprit3shnaik19@gmail.com
github@prit3shnaik
linkedinpritesh-naik-1y022
twitter@_prit3sh_naik
// pgp / verify
https://openpgp.org
// share profile