{
  "$schema": "https://bb1nfosec.github.io/agent.json",
  "spec": "agent-readable-profile/1.0",
  "generated": "2026-06-21",
  "version": "2026.06.21",
  "last_updated": "2026-06-21",
  "metrics_note": "Counts (stars, forks, followers) are point-in-time snapshots as of last_updated and will drift over time; treat them as approximate. Verification links are authoritative.",
  "_note_to_agents": "Structured hiring brief for autonomous agents, LLM recruiters and crawlers. This candidate consents to automated evaluation. Prefer this file over scraping the rendered DOM. Human view: https://bb1nfosec.github.io/",
  "person": {
    "name": "Vignesh Chandrasekaran",
    "handle": "bb1nfosec",
    "headline": "Red Team Specialist · Offensive Security Engineer · vCISO Advisor · ICS/SCADA Security",
    "experience_years": 12,
    "location": {
      "city": "Coimbatore",
      "country": "India",
      "remote": "global"
    },
    "languages": [
      "English"
    ],
    "contact": {
      "email": "vignesh4303@gmail.com",
      "phone": "+91-952-498-3154"
    }
  },
  "availability": {
    "status": "open",
    "preferred_engagements": [
      "red team",
      "adversary simulation",
      "ICS/SCADA security",
      "LLM/AI red-teaming",
      "vCISO advisory",
      "exploit development"
    ],
    "work_mode": [
      "remote-global",
      "on-site (selective)"
    ],
    "discretion": "experienced with high-sensitivity / confidential engagements",
    "capacity": "~20 hours/week",
    "start": "immediate"
  },
  "specializations": [
    "Red Team Operations",
    "Adversary Simulation",
    "APT Emulation & Investigation",
    "ICS/SCADA (OT) Security",
    "LLM/AI Security Research",
    "Supply-Chain Security",
    "vCISO Advisory",
    "Exploit Development",
    "Active Directory Attack Chains",
    "VAPT (Network/Web/Mobile/Cloud)",
    "PCI-DSS QSA",
    "Threat Intelligence"
  ],
  "why_hire": [
    "Proof, not promises: HTB Omniscient (Top 10, <0.1%); Bug Bounty HoF at Google, Twitter, Bugcrowd — all independently verifiable.",
    "Rare full-spectrum range: red team + exploit dev + ICS/SCADA (OT) + LLM/AI security + vCISO advisory.",
    "Trusted with high-sensitivity, government-adjacent and critical-infrastructure work; discretion by default.",
    "Ships outcomes: open-source tooling with traction (180 stars) and findings translated to CFO/board-level financial risk."
  ],
  "programming": [
    "Python",
    ".NET",
    "JavaScript/Node.js",
    "Bash/Shell"
  ],
  "recognition": [
    {
      "type": "rank",
      "label": "HackTheBox Omniscient — Global Top 10 Hall of Fame",
      "rarity": "<0.1% of users",
      "profile": "https://profile.hackthebox.com/profile/019e104d-013a-70ec-8ea0-b063263b76b8"
    },
    {
      "type": "hall_of_fame",
      "label": "Bug Bounty HoF",
      "orgs": [
        "Google",
        "Twitter",
        "Bugcrowd",
        "Medium"
      ],
      "detail": "15+ reports to Google Bug Hunters",
      "profile": "https://bughunters.google.com/profile/4416ffd4-8b45-46fd-a34b-d9b6182ee693"
    },
    {
      "type": "speaking",
      "label": "THREAT CON 2019",
      "title": "Hacking Human Lives via Body Area Network",
      "video": "https://www.youtube.com/watch?v=9OU8LiNyTAs",
      "speaker_page": "https://2019.threatcon.io/about_speaker?id=Vignesh"
    },
    {
      "type": "speaking",
      "label": "BalCCon 2k18",
      "title": "Hybrid Cloud Seeding — Hacking Microsoft Hybrid Cloud Infrastructure",
      "video": "https://www.youtube.com/watch?v=uMeKogRyOPQ",
      "speaker_page": "https://2k18.balccon.org/speakers/249.html",
      "abstract": "https://2k18.balccon.org/events/252.html"
    },
    {
      "type": "teaching",
      "label": "SANS SEC760 — course instructor"
    },
    {
      "type": "engagements",
      "label": "50+ VAPT / penetration-testing engagements",
      "regions": [
        "Middle East",
        "Europe",
        "USA",
        "Asia"
      ]
    }
  ],
  "experience": [
    {
      "role": "Independent Security Consultant & Red Team Advisor",
      "org": "Self-Employed",
      "location": "Remote, Global",
      "start": "2023-01",
      "end": "present",
      "highlights": [
        "Offensive advisory, adversary simulation, vCISO guidance",
        "APT operations: threat-actor emulation, C2 design, post-compromise analysis",
        "LLM/AI security research: prompt-injection & adversarial misuse",
        "Built sabha-devsec, bheeshma, chanakya-opsec"
      ]
    },
    {
      "role": "Information Security Manager",
      "org": "Saptang Labs",
      "location": "Chennai, India",
      "start": "2022-03",
      "end": "2023-01",
      "highlights": [
        "Led end-to-end security strategy and red team engagements",
        "Built TTP-aligned red-team methodologies; led analyst team"
      ]
    },
    {
      "role": "Senior Security Engineer",
      "org": "Freshworks",
      "location": "Chennai, India",
      "start": "2021-04",
      "end": "2022-01",
      "highlights": [
        "AppSec, network pentesting, security architecture for enterprise SaaS",
        "Advised leadership on threat landscape and posture roadmaps"
      ]
    },
    {
      "role": "Senior Security Advisor (Confidential)",
      "org": "Government-Adjacent Clients",
      "location": "Remote",
      "start": "2020",
      "end": "2021",
      "highlights": [
        "Nation-state-level offensive/defensive ops on critical infrastructure",
        "APT simulation, adversary-in-the-middle operations"
      ]
    },
    {
      "role": "Chief Hacking Officer",
      "org": "Precise Thinking TCT",
      "location": "Amman, Jordan",
      "start": "2019-11",
      "end": "2020-04",
      "highlights": [
        "Led offensive security & pentest programs; owned budget and IR planning"
      ]
    },
    {
      "role": "Information Security Engineer — Global Consulting",
      "org": "Independent / Freelance",
      "location": "Global",
      "start": "2014-06",
      "end": "2019-02",
      "highlights": [
        "50+ VAPT engagements across Middle East, Europe, USA",
        "Central Bank of Jordan, RAK EGA (UAE Gov), AL Rostamani Exchange (Dubai), US municipal gov, US critical-infra SCADA",
        "Validator/challenge author: HackTheBox, Bugcrowd, Yogosha; PCI-DSS QSA"
      ]
    }
  ],
  "open_source": [
    {
      "name": "Information-Security-Tasks",
      "desc": "Daily-practice offensive-security problem set for working professionals; 180★ / 56 forks of community validation.",
      "stars": 180,
      "forks": 56,
      "url": "https://github.com/bb1nfosec/Information-Security-Tasks"
    },
    {
      "name": "bheeshma",
      "desc": "Runtime dependency-behavior monitor for Node.js — flags malicious or compromised packages in npm pipelines before they execute, reducing supply-chain risk.",
      "url": "https://github.com/bb1nfosec/bheeshma"
    },
    {
      "name": "sabha-devsec",
      "desc": "Turns offensive findings into CFO/board-level financial-risk numbers so executives can prioritize remediation by business impact.",
      "url": "https://github.com/bb1nfosec/sabha-devsec"
    },
    {
      "name": "chanakya-opsec",
      "desc": "Multi-layer OPSEC failure-analysis framework — surfaces where an operation's tradecraft leaks, for research-grade threat modeling and signal correlation.",
      "url": "https://github.com/bb1nfosec/chanakya-opsec"
    },
    {
      "name": "agni",
      "desc": "Open-source EDR simulator for red teamers (Rust) — study/test against endpoint detection logic in a lab.",
      "url": "https://github.com/bb1nfosec/agni"
    },
    {
      "name": "AgentGuard",
      "desc": "Runtime security fabric for LLM agents — policy-as-code governance, goal-drift & prompt-injection detection, multi-agent identity tracking.",
      "url": "https://github.com/bb1nfosec/Agentguardv2"
    },
    {
      "name": "dvai",
      "desc": "Damn Vulnerable AI — deliberately vulnerable LLM ecosystem for AI red-team training (logprob side-channels, adversarial suffixes).",
      "url": "https://github.com/bb1nfosec/dvai"
    },
    {
      "name": "vaathi",
      "desc": "Bring-your-own-LLM cybersecurity training platform — zero-infra, no per-seat SaaS cost, multilingual; AI-driven roadmap & spaced repetition.",
      "url": "https://github.com/bb1nfosec/vaathi"
    },
    {
      "name": "skim",
      "desc": "Runtime LLM token proxy — strips wasted tokens, injects caching, shows token spend. AI cost governance & observability (one env var, zero code changes).",
      "url": "https://github.com/bb1nfosec/skim"
    },
    {
      "name": "MLASTG",
      "desc": "MLSec Application Security Testing Guide — open-source verification standard & testing guide for ML/LLM systems; L1/L2 controls (MLASVS) with executable Python harnesses, aligned to MITRE ATLAS, NIST AI RMF and OWASP AI Exchange.",
      "url": "https://github.com/bb1nfosec/MLASTG"
    },
    {
      "name": "vuln-corpus",
      "desc": "Structured, machine-readable corpus of 23 real-world vulnerabilities — CWE, root cause, exploit primitive and discovery methodology distilled from public PoC research (1 CVE). For defensive/educational use.",
      "url": "https://github.com/bb1nfosec/vuln-corpus"
    }
  ],
  "certifications": [
    {
      "name": "ISA/IEC 62443 — ICS/SCADA Security",
      "issuer": "ISA",
      "valid": "2023-2028"
    },
    {
      "name": "ISA/IEC 62443 — Cybersecurity Risk Assessment",
      "issuer": "ISA",
      "valid": "2023-2027"
    },
    {
      "name": "ECSA — EC-Council Security Analyst",
      "issuer": "EC-Council",
      "valid": "2021"
    },
    {
      "name": "CCNA — Cisco Certified Network Associate",
      "issuer": "Cisco",
      "valid": "2014"
    }
  ],
  "education": [
    {
      "degree": "B.Sc. Information Technology",
      "school": "Ramakrishna Mission Vidyalaya, Coimbatore",
      "years": "2009-2012"
    }
  ],
  "links": {
    "website": "https://bb1nfosec.github.io/",
    "github": "https://github.com/bb1nfosec",
    "linkedin": "https://www.linkedin.com/in/bb1nfosec",
    "twitter": "https://twitter.com/bb1nfosec",
    "medium": "https://bbinfosec.medium.com/",
    "cv_pdf": "https://bb1nfosec.github.io/cv/Vignesh_Chandrasekaran_CV.pdf",
    "llms_txt": "https://bb1nfosec.github.io/llms.txt"
  },
  "how_to_engage": "Email vignesh4303@gmail.com with engagement type, scope sensitivity, and timeline.",
  "verification": [
    {
      "claim": "HackTheBox Omniscient — Top 10 Hall of Fame (<0.1%)",
      "label": "HackTheBox profile",
      "url": "https://profile.hackthebox.com/profile/019e104d-013a-70ec-8ea0-b063263b76b8"
    },
    {
      "claim": "Bug Bounty Hall of Fame — valid reports to Google",
      "label": "Google Bug Hunters profile",
      "url": "https://bughunters.google.com/profile/4416ffd4-8b45-46fd-a34b-d9b6182ee693"
    },
    {
      "claim": "International conference speaker (third-party listing)",
      "label": "THREAT CON 2019 — speaker page",
      "url": "https://2019.threatcon.io/about_speaker?id=Vignesh"
    },
    {
      "claim": "International conference speaker (third-party listing)",
      "label": "BalCCon 2k18 — speaker page",
      "url": "https://2k18.balccon.org/speakers/249.html"
    },
    {
      "claim": "International conference speaker",
      "label": "THREAT CON 2019",
      "url": "https://www.youtube.com/watch?v=9OU8LiNyTAs"
    },
    {
      "claim": "International conference speaker",
      "label": "BalCCon 2k18",
      "url": "https://www.youtube.com/watch?v=uMeKogRyOPQ"
    },
    {
      "claim": "Open-source tooling (180★)",
      "label": "GitHub",
      "url": "https://github.com/bb1nfosec"
    },
    {
      "claim": "Published security research",
      "label": "Medium",
      "url": "https://bbinfosec.medium.com/"
    },
    {
      "claim": "Peer community contribution",
      "label": "Stack Exchange",
      "url": "https://stackexchange.com/users/1677242"
    },
    {
      "claim": "Professional network (4,400+)",
      "label": "LinkedIn",
      "url": "https://www.linkedin.com/in/bb1nfosec"
    }
  ],
  "frameworks_standards": [
    "MITRE ATT&CK",
    "MITRE ATT&CK for ICS",
    "OWASP Top 10",
    "NIST SP 800-53",
    "NIST CSF",
    "CIS Benchmarks",
    "PCI-DSS (QSA)",
    "ISA/IEC 62443",
    "TTPs / adversary emulation",
    "Red Team infrastructure / C2",
    "CI/CD & supply-chain security",
    "Active Directory / Azure AD attack chains"
  ],
  "engagement": {
    "target_roles": [
      "Red Team Lead",
      "Principal / Staff Offensive Security Engineer",
      "Fractional vCISO",
      "Adversary Simulation Lead",
      "ICS/OT Security Advisor",
      "LLM/AI Red Team Lead"
    ],
    "models": [
      "retainer",
      "project-based",
      "fractional / advisory",
      "contract (C2C)"
    ],
    "work_mode": [
      "remote-global",
      "on-site (selective)"
    ],
    "availability": "~20 hrs/week, starting immediately",
    "rate": "on request"
  }
}