Govind Pratap Singh

Building Secure Systems — Breaking Them Too

Govind Pratap Singh | Security Engineer & Python/FastAPI Developer

🔒 Web/API/Mobile Security | 🐍 Python/FastAPI Backend | 🚀 DevSecOps

|
NASA VDP Hall of Fame
CVE-2025-61246 (9.8)
Python/FastAPI Expert
SOC Operations (50+ Labs)
DevSecOps Practitioner
Technical Writer

About Me

My Philosophy

"I'm a Cybersecurity Professional and Python/FastAPI Backend Developer with a unique blend of offensive security expertise and backend engineering skills. I don't just find vulnerabilities — I build secure backend systems from the ground up. Recognized in NASA's VDP Hall of Fame and author of CVE-2025-61246 (CVSS 9.8), I bring real-world security experience to every project." "Beyond offensive security, I possess strong foundational knowledge in Security Operations (SOC) — including SIEM monitoring, log analysis, incident response, and threat hunting — gained through 50+ hands-on labs on TryHackMe and the Google Cybersecurity Professional Certificate curriculum."

"I believe security is not a feature — it's a mindset. Every line of backend code I write is secured by default, and every vulnerability I find teaches me how to write better code."

Security Engineer

  • Web/API/Mobile Pentesting
  • Vulnerability Assessment
  • OWASP Top 10 | Threat Modeling
  • Burp Suite | Nmap | Metasploit

Backend Developer

  • Python | FastAPI | Django
  • REST APIs | WebSockets
  • PostgreSQL | Redis | MongoDB
  • Docker | Kubernetes | CI/CD

DevSecOps

  • Secure CI/CD Pipelines
  • Security Automation
  • Container Security
  • Infrastructure as Code

Expertise

Technical Skills

Cybersecurity & SOC

Penetration Testing

Web App (VAPT) API Security Android Pentesting Business Logic Testing Auth/Authz Testing Risk Assessment

Vulnerability Assessment

OWASP Top 10 SQLi / XSS / IDOR Broken Access Control CVSS v3.1 Scoring

Security Operations (SOC)

SIEM (Splunk, ELK) Incident Response Threat Hunting Log Analysis Alert Triage MITRE ATT&CK

Reconnaissance & Tools

Burp Suite Pro OWASP ZAP Nmap Metasploit sqlmap / ffuf Wireshark MobSF / JADX OSINT / Amass

Backend Development

Python Ecosystem

Python 3.12+ FastAPI Django Django REST Framework Pydantic v2 SQLAlchemy

APIs & Real-Time

REST APIs WebSockets Async/Await JWT / OAuth2 GraphQL

Databases & Caching

PostgreSQL MySQL MongoDB Redis Celery

DevOps & Cloud

Docker Kubernetes GitHub Actions Jenkins Cloud Deployment AWS / GCP Nginx CI/CD Pipelines

Portfolio

Featured Projects

Category: Cybersecurity

CVE Radar

CVE Radar

Real-time threat intelligence platform monitoring NIST NVD for CVEs. Features AI-powered analysis with NVIDIA NIM (Llama 3.1) and custom alerts. Helps SOC analysts prioritize vulnerabilities.

PythonFlaskPostgreSQLDocker
AutoRecon

AutoRecon

Automated reconnaissance framework integrating Amass, Subfinder, Nmap, Nikto, ffuf, and Waybackurls for attack surface mapping and vulnerability correlation.

PythonBashOSINTNmap

Category: Python + FastAPI (Backend Projects)

Secure REST API with FastAPI

Production-ready REST API with FastAPI, JWT authentication, role-based access control, PostgreSQL via SQLAlchemy, Redis caching, and Docker containerization. Fully async with Pydantic v2 validation.

PythonFastAPIPostgreSQLRedis

Vulnerability Tracker API (Django REST)

Comprehensive Django REST Framework API for tracking CVEs and vulnerabilities. Includes CVSS scoring, Celery async notifications, bulk NVD JSON imports, and custom status workflows.

PythonDjangoPostgreSQLCelery

Real-Time Threat Feed (FastAPI + WebSockets)

Live threat intelligence feed using FastAPI WebSockets and Redis pub/sub. Streams newly published CVEs to connected dashboards in real-time. Deployed via Docker + Kubernetes.

FastAPIWebSocketsRedisKubernetes

DevSecOps CI/CD Pipeline

Automated security-integrated CI/CD pipeline using GitHub Actions and Jenkins. Includes SAST, dependency scanning, Docker image scanning, and cloud deployment to AWS/GCP.

GitHub ActionsJenkinsDockerAWS

Journey

Achievements & Certifications

NASA VDP Hall of Fame

View Disclosure

Inducted for responsible disclosure of security vulnerabilities impacting NASA's public-facing infrastructure. Recognized by Bugcrowd.

CVE-2025-61246 Author

View CVE

Discovered and published a Critical SQL Injection vulnerability (CVSS 9.8). Provided a full PoC exploit, remediation guidance, and a Docker-based vulnerable lab environment.

Certifications

Quick Stats

  • TryHackMe Top 9% Global Rank (50+ Labs in SOC, CTI, Pentesting, Blue Team)
  • 15+ Vulnerabilities found during Internship
  • 500+ Daily Active Users on CVE Radar
  • 15+ Technical articles (4000+ total reads)

Writing

Technical Articles

Cybersecurity (Medium)

  • 1. How I Found My First CVE: SQL Injection Deep Dive
  • 2. NASA VDP Hall of Fame — My Responsible Disclosure Journey
  • 3. OWASP Top 10: Practical Exploitation Guide for Beginners
  • 4. Red Team 101: Complete Reconnaissance Methodology
  • 5. XSS to RCE: Chaining Vulnerabilities for Maximum Impact
  • 6. SOC 101: SIEM Log Analysis for Beginners
  • 7. Incident Response Lifecycle: From Detection to Recovery

Python & FastAPI (Backend Focus)

  • 1. FastAPI Deep Dive: Building Async REST APIs with Python
  • 2. Django REST Framework: Complete Security Guide
  • 3. Secure Coding in Python: OWASP Top 10 for Developers
  • 4. DevSecOps: Integrating Security in CI/CD Pipelines
  • 5. WebSockets with FastAPI: Real-Time APIs Guide
  • 6. Docker + Kubernetes: Deploying Python Apps at Scale
  • 7. Redis + Celery: Async Task Queues in Python

"Govind's security findings helped us prevent a major data breach. His reports are detailed, actionable, and developer-friendly."

— Ceeras IT Services

"One of the most dedicated security researchers I've worked with. His approach to vulnerability discovery is methodical and thorough."

— Bugcrowd Community

"Govind's dual expertise in security and software development is rare. He doesn't just report vulnerabilities — he provides production-ready fixes."

— Open Source Contributor

Get In Touch

Open for pentesting, security engineering, and Python/FastAPI developer roles.

Contact Information

govindsinghpratap123@gmail.com

+91 6396448562

Bareilly, Uttar Pradesh, India

Currently Open For:

  • ✓ Penetration Testing Engagements
  • ✓ Security Engineering Roles
  • ✓ Python/FastAPI Backend Developer Positions
  • ✓ DevSecOps Opportunities
  • ✓ Freelance Security Consulting
  • ✓ Open Source Collaboration