Shivam Bathla
Free Initial Pentest

Penetration Testing & Security Consulting Services

I help organizations identify and mitigate real-world security risks across their digital assets.

7+ years experience • Extensive Middle East audits (PCI / SAMA / NIA / NCA / GDPR) • OSCP / OSWE certified

Request Free Initial Pentest View Services

Security Services

Web & API Penetration Testing
Web & API Penetration Testing

Get your web applications and APIs tested for immunity against external malicious actors.

Source Code Review
Source Code Review

Get your application code tested for hidden bugs (and occassional backdoors left by developers).

Mobile App Pentesting (Android & iOS)
Mobile App Pentesting

Get your Android and/or iOS applications tested for misconfigurations, exposures, and bugs.

Infrastructure & Active Directory Pentesting
Infrastructure & AD Pentesting

Get your infra & Active Directory's immunity tested against internal & external threats.

Cloud Pentesting
Cloud Pentesting

Fortify your cloud environments by uncovering misconfigurations and insecure practices.

AI / LLM Pentesting
AI / LLM Pentesting

Check your AI / LLM applications for exposures and emerging threat vectors.

Purple Teaming, SOC Validation
Purple Teaming

Assess your SOC's readiness and preparations against known and unknown threats covering different stages of attacks.

IoT Pentesting
IoT Pentesting

Assess your internet-connected devices and vehicles for vulnerabilities and exposures.

Security Research
Security Research

Uncover zero-days, EDR / AV / Endpoint security / web proxy / email gateway bypasses & evasions for cutting-edge protection solutions.

Cyber security trainings, Capture the flags & Cyber Ranges
Security Training & CTFs

Hands-on training secure coding practices to your developers, cyber awareness to employees, and web/mobile/AI pentesting to technical staff.

Engagement Model

Flexible consulting engagements including a free initial limited-scope pentest . Get in touch for pricing details.

Industries Served

Certifications

About

I'm an independent application security and offensive security professional with 7+ years of experience helping organizations identify and fix real-world security issues across web applications, APIs, Active Directory environments, IoT and cloud platforms.

My work focuses on uncovering high-impact vulnerabilities that automated scanners and checklist-based assessments miss - particularly in authentication, authorization, business logic, and complex enterprise environments.

In past, I have worked with Pentester Academy for 4 years and have helped train thousands of pentesters around the globe with video courses and cybersecurity labs & CTFs, training them about web, infrastructure, network, and application security, modern binary exploitation, reverse engineering, threat detection, malware analysis.

During my time at watchTowr , I developed a blazingly fast, custom fuzzer to hunt for web vulnerabilities, with an intelligent mutator engine, to look for web vulnerabilites and more, across clients, at scale!

I have worked with some of the accomplished pentesters and trainers from the industry including Vivek Ramachandran , Robin Wood , Pavel Yosifovich , Prasanna K.

If you're looking for a security professional who combines deep technical execution with ongoing research-driven insight, feel free to reach out or fill out your security requirements .

Contact

Reach out to discuss your security requirements or fill out your security requirements .