Abbytes delivers professional-grade cybersecurity services — from deep penetration testing to cloud hardening — for startups, enterprises, and government bodies across India.
End-to-end offensive and defensive security expertise, delivered with precision and documented to industry standards.
Web, mobile, API, and network pen tests. Real-world attack simulation to find vulnerabilities before adversaries do.
Comprehensive configuration reviews, code audits, and compliance assessments against CERT-IN, ISO 27001, and custom baselines.
Adversary simulation across people, processes, and technology. Full-scope engagements that test your entire security posture.
Static and dynamic application security testing integrated into your CI/CD pipeline or performed as a standalone engagement.
AWS, GCP, and Azure security assessments — misconfiguration reviews, IAM analysis, and cloud-native threat modelling.
Internal and external network assessments, firewall reviews, segmentation testing, and traffic analysis for complete network visibility.
Android and system forensics, malware analysis, APK reverse engineering, and formal incident report generation for CERT-IN submission.
Not sure which service fits your need?
Let's TalkAbbytes is a cybersecurity freelance practice run by a security professional with hands-on experience across offensive security, government audits, and digital forensics — working with CERT-IN empanelled organizations.
I've worked on penetration tests for government mobile applications, built AI-assisted security scanning platforms for national-scale audits, and conducted forensic investigations on phishing malware targeting critical infrastructure users.
Every engagement comes with clear communication, thorough documentation, and actionable findings — not a wall of CVEs.
A selection of tools, research, and engagements. More on GitHub.
AI-assisted automated security scanning platform for CERT-IN's national cyber audit mandate. Scans Indian government domains for exposed credentials, PII, misconfigurations, and secret leaks using spaCy NER, OCR, and heuristic pipelines.
Authorized penetration test of a Flutter-based government Android application. Overcame complex SSL pinning via binary patching of libflutter.so to disable BoringSSL certificate verification on ARM64/x86_64.
Forensic analysis of Android phishing malware targeting Delhi electricity utility customers. Produced formal CERT-IN incident reports and APK analysis methodology documentation for a government defence-adjacent entity.
Full-stack grocery price tracking app for comparing Blinkit and Zepto purchases with historical pricing and feedback logging.
Security research, writeups, and thoughts on the offensive security landscape.
A deep dive into binary patching libflutter.so to disable BoringSSL certificate verification when Frida gadget injection isn't viable.
Read Article →How I dissected a malicious APK impersonating a Delhi electricity provider, and what it revealed about the attacker's infrastructure.
Read Article →Building CyberDrishti — an NLP and OCR-powered pipeline to automate detection of exposed credentials across thousands of government domains.
Read Article →Looking for a security assessment, audit, or a quick consultation? Reach out — I respond within 24 hours.