Swaroop Yermalkar

Hi, this is Swaroop Yermalkar. I have over 8+ years of industry experience in information security and currently working as a Head of Cyber Security (Red Team) for HackerU India. In the past, I have worked with Persistent System, Philips Healthcare, Lithium, and Traveloka in various roles as Security Engineer, Lead Product Security. I have a great interest in presenting my security research and I have spoken in 10+ international conferences including AppSec USA, AppSec Israel, Defcon 25 (AppSec Village), BruCON, SEC-T, c0c0n, GroundZero, and many more!

What I Do

Security Engineering

My core skills are Security Engineering, Vulnerability Assessment, Penetration Testing, Web/API/Network/Cloud Pentesting, Security Architecture, Threat Modelling, DevOps Security and also integrating security in the development lifecycle by closely working with developers.

Offensive Security / Red Teaming

I'm also a Red Teaming professional with skillsets of Exploit development, lateral movement, Antivirus bypass techniques, AD Exploitation, Mobile Malwares, C2 Framework and Adversary Emulation (APT).

Speaker / Trainer

I’m a frequent speaker at security conferences and meetup groups! I have presented 20+ infosec talks and provided specialized training for 500+ Professionals.

Open Source Contribution

I lead an open source project - OWASP iGoat. You can check more about the project at https://igoatapp.com/. This project aims to train its users in pentesting and securing iOS Applications (both Objective C and Swift).

Security Mentorship

In the information security field, it’s always good to have a mentor who can give you direction for your career/skills. Based on my experience and skills, I mentor a group of infosec professionals who have started their career in information security. You can always reach out to me if you need any advice from my side!

Security Research and Certifications

I spend some dedicated time on a few security research projects. I have plans to present my research in upcoming security conferences. Also I currently hold OSCE, OSCP, OSWP and CREST CRT Certifications.

Authored Books

Learning iOS Penetration Testing

This book will help you to secure your iOS applications and uncover hidden vulnerabilities by conducting penetration tests.

iOS rating Swaroop Yermalkar

An Ethical Guide To WI-FI Hacking and Security

The book will guide you on various possible attacks on WiFi networks such as WEP, WPA/WPA2, and WPA Enterprise using a manual and automated approach.

Ethical guide rating book Swaroop Yermalkar

Swaroop's travel

Fun Facts

Pentests Conducted


Countries Travelled


Critical Vulnerabilities Reported


Trained Professionals