Subodh D.

Threat Intelligence Analyst | Infra Recon & Nation-State Actor Tracking | Reports Acknowledged by CERT-In, CERT-Poland, CISA | Red Team x CTI | CVE Chaining | OSINT Researcher

Pune District, Maharashtra, India

About

I’m an independent Threat Intelligence Analyst and Offensive Security Researcher focused on identifying critical exposures across telecom, infrastructure, and energy networks. My work has led to acknowledged remediations by CISA,CERT-In, NCIIPC, CERT-Poland, Orange Polska, and others — often identifying real-world vulnerabilities before they’re visible on mainstream threat feeds. I blend red team mindset with a defender’s strategy — using public OSINT, CVE chaining, and infrastructure recon to reveal high-impact vulnerabilities in live systems. Key Exposure Highlights: • Easton Utilities UPS (AP9630): Internet-facing SNMP, Telnet, and FTP access on APC hardware with exploitable CVEs . Remediation in progress. • NTPC & PowerGrid: Multi-year RPC and SMBGhost exposure across critical infrastructure since 2017. Includes CVE mapping and MITRE ATT&CK alignment. • Vodafone India Routers: Live outbound traffic to Chinese infrastructure. Flagged to and acknowledged by NCIIPC. • Orange Polska ICS Networks: Modbus-GPRS gateways with stealth-wrapped services including IRC, Telnet, and VNC. Acknowleged by CERT-Poland. •Discovered public-facing CVE exposures (XSS) on Supreme Court of India site; submitted to NCIIPC with full version trace and CVE linkage. •Discovered Multiple Security issues in Government of Maharashtra website Including RCE, reported to CERT-In and got acknowlegment for the same I operate at the intersection of red team tactics and strategic cyber threat intelligence, identifying exposures that bypass conventional scanners. My work is evidence-based, adversary-aware, and designed to lead to concrete security outcomes. Currently open to roles in CTI, infrastructure security, red team intelligence, or hybrid threat research roles. Let’s connect if you’re looking for high-impact intelligence beyond surface-level indicators.

Experience

  • Security Researcher at CERT-In
    Sep 2024 - Present · 1 yr 11 mos

  • Bug Bounty hunter at HackerOne
    Mar 2024 - Present · 2 yrs 5 mos

    https://hackerone.com/the1above_all

  • CTF Player at Hack The Box
    Jun 2022 - Present · 4 yrs 2 mos

    https://app.hackthebox.com/profile/998306

  • CTF Player at TryHackMe
    Apr 2022 - Present · 4 yrs 4 mos

    https://tryhackme.com/r/p/The1aboveall