Sovan Das

Aspiring Cybersecurity Professional

root@kali:~#

Contact Me View Projects View Certifications

About Me

👋 Hi, I'm Sovan Das
Aspiring Cybersecurity Professional and founder of Das InfoSec.

I hold a B.Sc. in Digital Forensic Degree with real hands-on experience — from CTFs and labs to personal tools and projects. Currently, I'm interning as a Penetration Tester at TCR Security, diving deep into offensive security, bug hunting, and live web app testing.

I'm fascinated by how systems work — and more so, how they can be exploited. From tracing digital footprints to solving technical puzzles, I enjoy the thrill of investigation and critical thinking.

I'm also passionate about Blue Teaming. That's why I'm actively leveling up for SOC Analyst roles — learning SIEMs, threat hunting, log analysis, and everything that makes a SOC tick.

When I'm not hacking systems (ethically, of course), I'm running Das InfoSec — my solo EduTech venture where I teach cybersecurity and AI to beginners through YouTube, masterclasses, and community-driven tools like my CyberSafe Toolkit.

I believe learning is best when shared. You'll find me on LinkedIn, GitHub, and YouTube (@DasInfoSec), sharing what I learn with those walking the same path.

Right now, I'm actively looking for an entry-level cybersecurity role (SOC, VAPT, Analyst) where I can grow fast, contribute meaningfully, and be part of a mission that matters.

If you're into cybercrime, threat intel, AI, or tech in general, let's connect — I'm always down to learn, build, and collaborate.

Education

Bachelor of Science in Digital Forensic

Maulana Abul Kalam Azad University of Technology, Kolkata

2021 to 2024

CGPA: 8.70/10 (82.65%)

Academic Highlights

Specialized in Digital Forensics and Cybercrime Investigation techniques
Completed research project on "Advanced Memory Forensics Techniques"
Participated in university-level cybersecurity competitions
Maintained consistent academic excellence throughout the program

Experience

Founder

Das InfoSec Kolkata (Hybrid)

Feb 2024 - Present

Created and managed cybersecurity content for YouTube, focusing on educational tutorials and awareness.
Provided cybersecurity consulting services and conducted VAPT assessments.
Delivered online cybersecurity training and conducted bug bounty hunting.
Performed digital forensics analysis and cybercrime investigations.
Organized webinars and seminars for cybersecurity awareness.
Offered technical support and guidance in cybersecurity matters.

Penetration Tester Intern

TCR Security Jaipur (Remote)

Oct 2024 - Present

Conducted VAPT on web applications and networks using tools like Burp Suite, Nmap, and Nikto.
Reported vulnerabilities like SQLi, RCE, XSS and submitted actionable remediation steps.
Practiced bug hunting, recon, and privilege escalation in lab environments.

Technical Skills

Digital Forensics Concepts

Chain of Custody 92%

Documentation of evidence handling
Ensuring evidence integrity
Legal compliance in evidence management

Evidence Handling 90%

Proper evidence collection techniques
Digital evidence preservation
Media storage and protection

Timeline Analysis 88%

Event reconstruction
Chronological activity mapping
Timestamp correlation across sources

Anti-Forensics Detection 86%

Identifying evidence tampering
Recovery of deleted/altered data
Counter-measures to anti-forensic techniques

Cybersecurity Concepts

CIA Triad 90%

Confidentiality protection
Integrity verification
Availability assurance

OWASP Top 10 85%

Web application vulnerabilities
Security misconfigurations
Authentication weaknesses

Cryptography 80%

Symmetric/Asymmetric encryption
Digital signatures
Cryptographic protocols

Social Engineering 85%

Phishing attack prevention
Security awareness training
Human factor analysis

VAPT 85%

Vulnerability Assessment and Penetration Testing
Exploit development and mitigation
Security posture evaluation

DFIR 88%

Digital Forensics and Incident Response
Evidence collection and preservation
Artifact analysis and recovery

OSINT 84%

Open Source Intelligence gathering
Information reconnaissance
Data correlation and analysis

SOC 87%

Security Operations Center
Threat monitoring and detection
Alert triage and response

Networking Concepts

OSI & TCP/IP Models 90%

Layer functions and protocols
Protocol encapsulation
Data flow and addressing

Network Infrastructure 85%

Routing and switching
LAN/WLAN configuration
Network topologies

Network Security 88%

Firewall configuration
IDS/IPS implementation
Network monitoring

Protocols & Services 85%

HTTP/HTTPS, FTP, SSH
DNS, DHCP, SMTP
VPN and tunneling

Operating Systems

Windows 90%

Windows Registry analysis
Event Log investigation
PowerShell automation
Active Directory management

MacOS 85%

System integrity protection
XProtect management
FileVault encryption
Terminal commands & scripts

Kali Linux 95%

Advanced penetration testing and security auditing
Wireless network analysis
Web application security testing
Forensics and reverse engineering

CAINE 85%

Digital forensics investigation
Evidence collection and analysis
Data recovery
Memory analysis

SOC (Security Operations Center)

Splunk

SIEM platform for log analysis and monitoring

QRadar

IBM security intelligence platform

ArcSight

Enterprise security management platform

LogRhythm

Security intelligence and analytics platform

AlienVault

Unified security management platform

Phantom

Security orchestration and automated response

FireEye

Advanced threat detection and response

Carbon Black

Endpoint detection and response platform

Network Security

Nmap

Network discovery and security scanning

Wireshark

Network protocol analyzer and packet capture

Burp Suite

Web vulnerability scanner and proxy

Metasploit

Penetration testing framework

Nessus

Vulnerability scanner

OpenVAS

Open-source vulnerability scanner

Suricata

High performance IDS/IPS and network monitoring

Snort

Network intrusion detection system

Web Application Security

OWASP ZAP

Web app security scanner

Acunetix

Automated web vulnerability scanner

Nikto

Web server scanner

Gobuster

Directory/file enumeration tool

ffuf

Fast web fuzzer

SQLmap

SQL injection detection and exploitation

Nuclei

Fast vulnerability scanner with templates

Arachni

Web application security scanner framework

Digital Forensics

FTK Imager

Disk imaging and analysis

Autopsy

Digital forensics platform

Volatility

Memory forensics framework

Magnet AXIOM

Digital evidence examination

Cellebrite

Mobile device forensics

EnCase

Computer forensics suite

Belkasoft X

Advanced digital forensics solution

X-Ways Forensics

Integrated computer forensics software

Cloud Security

AWS CLI

Command-line interface for AWS services

Azure Security Center

Unified security management system

Flaws.cloud

AWS security learning platform

AI & Automation

Security Copilot

Microsoft's AI-powered security assistant

Darktrace

AI-powered threat detection

Sec-Gemini

AI security analysis platform

Splunk

SIEM and security analytics

Malware Analysis

PeStudio

PE file analysis tool

Ghidra

Software reverse engineering framework

Cuckoo Sandbox

Automated malware analysis

VirusTotal

Multi-engine malware analysis service

OSINT

Maltego

Data mining and link analysis

SpiderFoot

Automated OSINT gathering

Shodan

Internet-connected device search

Recon-ng

Web reconnaissance framework

theHarvester

Email and subdomain gatherer

FOCA

Metadata analyzer and document finder

Google Dorking

Advanced search techniques for information gathering

Intelligence X

Search engine and data archive for OSINT

Scripting

Python

Automation and security tool development

Bash

Shell scripting and system automation

PowerShell

Windows automation and administration

JavaScript

Web security testing and automation

Soft Skills

Attention to Detail

Thoroughly analyze systems to identify vulnerabilities and anomalies.

Critical Thinking

Evaluate complex security situations to determine effective solutions.

Communication Skills

Translate technical concepts into clear information for diverse audiences.

Teamwork

Work effectively with cross-functional teams on security solutions.

Problem Solving

Approach complex security issues systematically and effectively.

Time Management

Prioritize multiple security tasks and manage deadlines effectively.

Projects

CyberSafe Toolkit

An AI-powered cybersecurity toolkit built to help users analyze threats, scan files & URLs, check vulnerabilities, extract metadata, and many more — all in one place.
Developed using Firebase, VirusTotal API, and AI models to provide practical tools like phishing analyzers, port scanners, encryption utilities, and password checkers.
Built for everyday users, students, and ethical hackers to boost digital safety — for free.

AI Firebase VirusTotal API Cybersecurity Web Development

Try it Live

SovanDrive

A personal video streaming platform powered by Google Drive API and low-code tech — built to organize and stream HD movies/series in a clean, responsive UI.
Ideal for personal use, private sharing, and experimenting with JavaScript, cloud hosting, and media UX.

JavaScript Google Drive API Video Streaming Cloud Hosting Responsive UI

Try it Live

Capture The Flag (CTF) Challenges

OffSec Proving Grounds 8+ Machines

HackTheBox 7+ Machines

TryHackMe 5+ Machines

Solved 20+ CTFs involving reconnaissance, enumeration, exploitation, password cracking, privilege escalation challenges.
Demonstrated practical skills in web application security, network penetration, and system exploitation.

CTF HackTheBox TryHackMe OffSec