Sunny (aka Expert Sunny)

Cybersecurity Engineer · Mobile Security Researcher · Flutter Developer · Homelab Enthusiast · Reverse Engineer · Gamer

Hi, I'm Sunny (aka Expert Sunny). I'm a cybersecurity engineer with a strong interest in mobile application security, reverse engineering, Flutter development, and self-hosted infrastructure. I enjoy understanding how systems work internally, discovering security weaknesses, and building practical solutions that are both secure and reliable. Outside cybersecurity, I'm an avid gamer, anime enthusiast, and homelab tinkerer who enjoys experimenting with new operating systems, self-hosted services, and open-source technologies.

My Journey

It all started with simple curiosity — wanting to figure out how to hack Club Penguin. That spark pulled me into the world of tech and security. I switched to Linux, started daily driving Kali, and learned the fundamentals from resources like Null Byte. From there it was constant experimentation: breaking things, fixing them, building projects, and slowly turning curiosity into a real career.

Today I work professionally in cybersecurity and still spend my free time on research, mobile app protection, homelab automation, and side projects. The curiosity never really left — it just got more technical.

Professional Experience

Oct 2024 – Present

Cybersecurity Engineer

Protectt.ai Labs Pvt Ltd, Chennai

  • Researched and implemented custom Android kernel patching techniques to bypass advanced root detection in banking applications.
  • Conducted black-box mobile VAPT for Android & iOS apps across financial, non-financial, and government sectors, uncovering major vulnerabilities including authentication bypasses and insecure data handling.
  • Performed security testing of internal Android and iOS SDKs, identifying potential risks before public release.
  • Executed VAPT of Android games, leveraging tools like Game Guardian to manipulate runtime behavior and identify security flaws such as memory tampering and insecure code execution.
  • Conducted WAPT and internal API testing for enterprise internal portals in a white-box environment, uncovering issues like improper access control and sensitive data exposure.
  • Used tools like Frida, Objection, Burp Suite, Game Guardian, and jadx-gui to perform dynamic and static analysis across mobile and web platforms.
Jun 2024 – Oct 2024

Cybersecurity Analyst (Red Teaming)

WST Technologies Pvt Ltd, Kolkata

  • Conducted comprehensive vulnerability assessments and penetration tests for a leading organization in the financial sector.
  • Identified and reported over 10 high-risk vulnerabilities, including a critical account takeover vulnerability through request manipulation with a CVSS score of 10.
  • Conducted darknet analysis and uncovered personal details of employees, as well as identified the marketplace where data from a recent breach was being sold.

Technical Toolkit

Offensive Security

Penetration Testing Red Teaming Vulnerability Assessment Burp Suite Metasploit Nmap

Mobile Security

Android iOS Frida Objection jadx MobSF SSL Pinning

Development

Flutter Dart REST APIs Python Git PocketBase

Infrastructure

Linux Docker Nginx Cloudflare VPN Monitoring Automation

Tools

Kali Linux Wireshark Ghidra GDB Postman VS Code

Languages

English Hindi Bengali Japanese

Certifications

Certified Ethical Hacker (CEH)

EC-Council

Academic Background

Bachelor of Technology in Computer Science Engineering

Specialization: Computer Networks, Cyber Security, Cryptography, Digital Forensics