Hi! I'm Sunny Pal, a cybersecurity enthusiast and student from India 🇮🇳 who started my security journey about a year ago. I'm passionate about offensive security, threat intelligence, and security automation.
I build tools that automate reconnaissance, develop honeypots to capture real-world cyber attacks, and analyze security vulnerabilities. Currently learning the ropes of bug bounty hunting on HackerOne and actively expanding my skills in penetration testing and SOC analysis.
sunny_pal = {
    "location": "India 🇮🇳",
    "role": "Student | Security Researcher | Bug Bounty Hunter",
    "security_focus": [
        "Web Application Security",
        "Network Security & Penetration Testing",
        "OSINT & Reconnaissance Automation",
        "Threat Intelligence & Honeypot Development",
        "Red Teaming & SOC Analysis"
    ],
    "certifications": [
        "Google Cybersecurity Professional",
        "TryHackMe - Multiple Path Completions",
        "PentesterLab - Reconnaissance Badge",
        "Smart India Hackathon 2023 - Winner 🏆"
    ],
    "technical_skills": {
        "security_tools": [
            "Nmap, Burp Suite, Metasploit, Wireshark",
            "Subfinder, Httpx, Waybackurls, Ffuf",
            "Cowrie, Dionaea, Snort (Honeypots & IDS)",
            "ELK Stack (SIEM)"
        ],
        "programming": [
            "Python (Security Automation & Scripting)",
            "Bash (Shell Scripting for Automation)",
            "JavaScript/Node.js (Backend & API Development)",
            "SQL (Database Security)"
        ],
        "frameworks": [
            "OWASP Top 10",
            "MITRE ATT&CK Framework",
            "NIST Cybersecurity Framework"
        ]
    },
    "notable_projects": {
        "flagship": "VulnServer - Real-time Honeypot Threat Intelligence Platform",
        "automation": "AutoRecon - Bug Bounty Reconnaissance Framework",
        "backend": "Acquisitions API - Secure RESTful API with JWT & CI/CD"
    },
    "current_goals": [
        "Find my first valid bug bounty 🎯",
        "Contribute to open-source security tools",
        "Obtain industry certifications (CEH, eJPT)",
        "Build a comprehensive security portfolio"
    ],
    "bug_bounty_status": "Learning & Analyzing Hacktivities on HackerOne",
    "availability": "Open to collaborations, internships, and security projects"
}
🔥 VulnServer - HoneyNet ⭐ FLAGSHIP PROJECT
Real-Time Cyber Threat Intelligence Platform
Distributed honeypot network capturing 11000+ real attacks in 24 hours • Live attack visualization • Automated threat intelligence • MITRE ATT&CK mapping
🎯 What It Does:
Built a complete honeypot infrastructure that captures real hackers attacking fake vulnerable servers. The system logs everything—attacker location, techniques used, commands typed, and malware uploaded—then visualizes it all on a real-time threat intelligence dashboard.
🛠️ Technical Architecture:
┌─────────────────────────────────────────────────────────────┐
│                       HONEYPOT LAYER                        │
├─────────────────────────────────────────────────────────────┤
│   Cowrie (SSH)  │  Dionaea (FTP/HTTP/SMB)  │  Snort (IDS)   │
└────────┬────────────────────┬──────────────────────┬────────┘
         │                    │                      │
         └──────────────────┬─┴──────────────────────┘
                            │
┌───────────────────────────▼─────────────────────────────────┐
│                        DATA PIPELINE                        │
├─────────────────────────────────────────────────────────────┤
│  Filebeat → Logstash → Elasticsearch → GeoIP Enrichment     │
│                    MITRE ATT&CK Mapping                     │
└────────┬────────────────────────────────────────────────────┘
         │
┌────────▼────────────────────────────────────────────────────┐
│                      APPLICATION LAYER                      │
├─────────────────────────────────────────────────────────────┤
│  Backend: Python FastAPI (REST API)                         │
│  Frontend: React + Vite (Real-time Dashboard)               │
│  Databases: PostgreSQL, MongoDB, Redis                      │
└─────────────────────────────────────────────────────────────┘
✨ Key Features:
- 🌍 Live Attack Map - Geographic visualization of real-time attacks
- 📊 Threat Intelligence Dashboard - Auto-refreshing analytics
- 🎯 Attack Classification - Automatic MITRE ATT&CK technique mapping
- 🔍 Command Logging - Capture every command hackers type
- 📈 Threat Scoring - Automated danger level calculation (0-100)
- 🗺️ GeoIP Tracking - Identify attacker country, city, and ISP
- 🐋 Dockerized Infrastructure - 13 containerized services
- ⚡ Real-Time Processing - Sub-second log ingestion
🧰 Tech Stack: Cowrie • Dionaea • Snort • ELK Stack • FastAPI • React • Docker • AWS
📊 Real-World Results:
- ✅ Captured 300+ attacks in first 24 hours
- ✅ Identified patterns from 15+ countries
- ✅ Logged 1000+ unique malicious commands
Automated Bug Bounty Reconnaissance Framework
Modular Python framework automating the 5-phase reconnaissance pipeline for bug bounty hunters • Subdomain enumeration • Port scanning • OSINT • Professional reports
🎯 Automated Workflow:
Phase 1: Subdomain Discovery (Subfinder + Certificate Transparency)
↓
Phase 2: Live Host Detection (Httpx - Multi-threaded HTTP/HTTPS probing)
↓
Phase 3: Port Scanning (Nmap - Service version detection)
↓
Phase 4: URL Collection (Waybackurls - Historical endpoints)
↓
Phase 5: Report Generation (Comprehensive summary with risk analysis)
🛠️ Key Features:
- 🎯 Complete Automation - One command runs entire recon pipeline
- 🧩 Modular Architecture - Run individual phases or complete workflow
- 📊 Professional Reports - Markdown/HTML reports with risk analysis
- 📁 Organized Output - Structured directory per target
- 🔄 Multi-threading - Parallel execution for faster results
🧰 Tech Stack: Python • Subfinder • Httpx • Nmap • Waybackurls • Bash
Production-Ready Secure RESTful API
Enterprise-grade backend with JWT authentication • Rate limiting & bot protection • Full CI/CD pipeline • Docker containerization • 38% test coverage
🔐 Security Features:
- 🛡️ JWT Authentication - Secure token-based auth with refresh tokens
- 🚦 Rate Limiting - Arcjet integration for DDoS protection
- 🤖 Bot Detection - Automated bot & suspicious activity blocking
- 🔒 Role-Based Access Control (RBAC) - Granular permission system
- 🧪 Input Validation - Comprehensive sanitization
🚀 DevOps Pipeline:
- ✅ Automated CI/CD with GitHub Actions
- ✅ Multi-stage Docker builds
- ✅ Jest testing with coverage reports
- ✅ ESLint & Prettier for code quality
🧰 Tech Stack: Node.js • Express • PostgreSQL • JWT • Docker • GitHub Actions
2025 (1 Year Ago):
- Started cybersecurity journey
- Learned Python & Bash scripting
- Completed Google Cybersecurity Professional
2025-2026:
- Built AutoRecon reconnaissance framework
- Deployed VulnServer honeypot (300+ attacks captured)
- Won Smart India Hackathon 2023
- Completed TryHackMe paths & PentesterLab
- Started bug bounty on HackerOne
Current Focus (2026):
- Advanced penetration testing
- Building security automation tools
- Active bug bounty hunting
- SOC analyst training
Security Research ██████████████████░░░ 75%
Building Tools ████████████░░░░░░░░░ 50%
Bug Bounty Learning ██████████░░░░░░░░░░░ 40%
TryHackMe/Labs ████████░░░░░░░░░░░░░ 35%
Reading Documentation ██████░░░░░░░░░░░░░░░ 25%
- ✅ Find first valid bug bounty on HackerOne 🎯
- ✅ Obtain eJPT or CEH certification
- ✅ Contribute to open-source security tools
- ✅ Build comprehensive security portfolio
- ✅ Secure internship/job in cybersecurity
- ✅ Complete 100 TryHackMe rooms
I'm open to:
- 🔍 Collaborations on security projects and tools
- 💼 Internship opportunities in cybersecurity
- 🐛 Bug bounty hunting partnerships
- 📚 Knowledge sharing and mentorship
- 🛠️ Open source contributions to security tools
"The best defense is a good offense - understand how attackers think."
"Automate the boring stuff so you can focus on finding vulnerabilities."
"Security is not a product, but a process." - Bruce Schneier


