AshKetchum Security

CURRENTLY

Offensive Security Lead

Mindpool Technologies

Independent researcher at Synack · HackerOne · Bugcrowd · Yogosha

// Whoami

Ashish Arun Dhone

Offensive Security Lead, multi-CVE researcher, Black Hat MEA speaker, and one of the top-ranked ethical hackers on Google's leaderboard. Helping organisations and individuals stay ahead of attackers across web, mobile, network and cloud.

// Career Timeline

Offensive Security Lead

Mindpool Technologies · Current

Leading offensive security strategy and red-team operations.

Cyber Security Consultant

Emirates NBD · Dubai

Cyber Security Expert

Entel S.A. · Chile

Lead Penetration Tester

Persistent Systems

Independent Security Researcher

Synack · HackerOne · Bugcrowd · Yogosha

// Disclosures

CVE credits.

Vulnerabilities discovered and responsibly disclosed across major vendors.

CVE-2025-49546Critical

Improper Access Control

Adobe ColdFusion

CVE-2021-37999High

Universal Cross-Site Scripting (UXSS)

Google Chrome

CVE-2021-31832Medium

Stored Cross-Site Scripting

McAfee DLP

CVE-2020-35745High

Privilege Escalation — Unauthenticated Admin Portal Access

PHPGurukul

CVE-2020-25925Medium

Reflected Cross-Site Scripting

IceWarp WebClient

// Honors & Awards

Recognition that speaks for itself.

MSRC Most Valuable Researcher

2025, 2024 & 2023 — Microsoft Security Response Center

Microsoft BlueHat Speaker 2025

Invited speaker at Microsoft's flagship security conference.

Black Hat MEA 2022 Speaker

Riyadh, Saudi Arabia — Research selected, CTF Captain (only Indian team to qualify finals).

Top 50 — Microsoft

Ranked among the Top 50 security researchers at Microsoft.

Top 120 World — Google

Among the world's top-ranked hackers on Google's leaderboard.

2025 Q2MSRC Q2 Leaderboard

2025 Q1MSRC Q1 Leaderboard

2024 Q4MSRC Q4 Leaderboard

2024 Q3MSRC Q3 Leaderboard

2025MSRC Most Valuable Researcher Leaderboard

Top 50Microsoft — Top 50 Security Researcher Ranking

2025Microsoft BlueHat Speaker — flagship Microsoft security conference

2024MSRC Most Valuable Researcher Leaderboard

2024 Q2MSRC Q2 Leaderboard

2024 Q1MSRC Q1 Leaderboard

2023 Q3MSRC Q3 Leaderboard

2023MSRC Most Valuable Researcher Leaderboard

2023 Q1MSRC Q1 Leaderboard

2023Black Hat MEA CTF Finalist · Riyadh, Saudi Arabia

2022Black Hat MEA Speaker & CTF Finalist (Captain, only Indian team in finals)

GovNational Crime Records Bureau (MHA, India) — CCTNS Bug Bounty Winner

Top 120Google Hacker's Ranking — World Top 120

AsiaBountyCon — Facebook & Google · Selected for Asia region (Facebook HQ, Singapore)

HoFHacker's Hall of Fame — Google, Apple, Microsoft, Facebook, Shopify, GitLab, AT&T, Western Union, Paytm, Swiggy & 500+ Fortune companies

// Education

Academic foundation.

MASTER'S DEGREE

Master of Science in Cybersecurity

EC-Council University

// Certifications

Nine industry-recognized credentials.

CRTP

Certified Red Team Professional

Altered Security

LPT

Licensed Penetration Tester · Master

EC-Council

CPENT

Certified Penetration Testing Professional

EC-Council

eWPTX

Web App Penetration Tester eXtreme v2.0

eLearnSecurity

CHFI

Computer Hacking Forensic Investigator

EC-Council

DFE

Digital Forensic Essentials

EC-Council

CEH

Certified Ethical Hacker · Master (Practical)

EC-Council

EHE

Ethical Hacking Essentials

EC-Council

CEH

Certified Ethical Hacker v10

EC-Council

// Client Stories

What people say after a session.

Hover to pause · auto-scrolls through every review.

I'm very grateful for your guidance. Thank you! 🙏

A

Aditya

verified client

I got proper guidance and help from Ashish.

R

Rushikesh Vibhute

verified client

Got all my doubts cleared. The session was really helpful.

S

Sourabh Pradhan

verified client

Ashish shared very helpful tips on how to approach bug hunting, and it really improved my understanding. I'm grateful for the guidance and highly recommend his expertise!

P

Prathamesh

verified client

It was a really good session 🤩 — Ashish made it very simple and easy to understand which steps to take first. Looking forward to more 😄.

R

Rahul Vasani

verified client

The session provided valuable insights and practical strategies to enhance our bug bounty approach. Thank you so much sir.

A

Ankush Borde

verified client

★★★★★

Ashish is a rare, top-tier cybersecurity talent. He has a great ability to break down complex topics and helped me clearly understand several core areas I was looking to strengthen.

?

Anonymous

verified client

I really loved his idea to find the blind XSS and not yet started spraying these payloads. I believe it will give a good output, more than I expected. Thank you bro.. 🫰🏼

S

Shunmugapriyan M

verified client

★★★★★

His way of explaining each and everything was excellent.

M

MD Uzair Khan

verified client

★★★★★

He explains each and everything in a very excellent way... his way of talking is like he's my friend. Totally worth the session — thank you sir once again 🙌🙏

?

Anonymous

verified client

Your payloads are extremely helpful when performing blind XSS testing on web applications. Thank you.

S

Shiva Kumar M V

verified client

★★★★★

Giving away his secret sauce for free.

?

Anonymous

verified client

It's very helpful for us to learn new methods, technology and payload techniques.

A

Akshay Zambre

verified client

// Ready to Begin

Ready to elevate your cybersecurity career?

Invest just 30 minutes and unlock years of proven experience.

Book Your Session Now

Hack your way into a world-class cybersecurity career.

Ashish Arun Dhone

CVE credits.

Acknowledged by the world's leading companies.

Recognition that speaks for itself.

Academic foundation.

Nine industry-recognized credentials.

What people say after a session.

Quick info — terminal style.

Ready to elevate your cybersecurity career?