ScriptJacker OS
secure
00:00:00
parth@scriptjacker - bash - 120×40
parth@scriptjacker:~$
system_monitor.sh
$ cat /proc/stats
0+
Companies Secured
0+
Hall of Fames
0+
Bugs Resolved
0+
Testing Hours
0x
CTF Champion
═══════════════════ ◆ ═══════════════════
about.txt
$ cat ~/about.txt

About Parth Narula

// whoami - Security Researcher & Founder @ScriptJacker LLP

I'm Parth Narula, founder of ScriptJacker LLP - a cybersecurity firm specializing in deep, manual penetration testing. I live for those moments where out-of-the-box thinking cracks open a critical vulnerability.

I specialize in Web Application Security, API Pentesting, Red Teaming, and OSINT. From the Australian Government and WHO to Boeing and BBC - I've reported security vulnerabilities to organizations worldwide, earning 250+ Hall of Fames and securing 425+ companies.

Currently pursuing BCA (Cybersecurity) at Lovely Professional University with a 9.75 CGPA, while mentoring the next generation of security researchers and competing in CTF competitions as team leader of ScriptJackers.

// System Info
NameParth Narula
Handle@ScriptJacker
RoleFounder & Lead Pentester
OrgScriptJacker LLP
FocusVAPT / Red Team / OSINT
CVEsCVE-2025-56697 + 1
LocationIndia
Status● Available
skills.conf
$ source ~/skills.conf

Skill Matrix

// echo $CAPABILITIES

echo $OFFENSIVE_SECURITY
Web Application PentestingAPI Security TestingMobile PentestingNetwork PentestingRed TeamingOWASP TOP 10ReconnaissanceOSINTGoogle DorkingDark Web Analysis
echo $LANGUAGES
HTMLCSSJavaScriptPHPBashSQLCPythonRuby
echo $TOOLS_PLATFORMS
Burp SuiteLinux / KaliPostman APIWiresharkCisco Packet TracerApache / NginxREST APIsGraphQL
experience/
$ git log --experience

Work History

// ls ~/experience/

Founder & Lead Pentester2023 - PRESENT
ScriptJacker LLP
  • Founded a cybersecurity firm specializing in deep, manual pentesting across web, API, mobile, and network.
  • Delivered security assessments to 150+ clients globally with 2,500+ bugs resolved.
  • Built flexible engagement models - project-based, retainer, and subscription.
  • Published research and case studies on Medium and blog.
Mentor - Bug Bounty & Web SecurityJUN 2025 - PRESENT
Unihackers
  • Mentored students in bug bounty hunting and web application security.
  • Simplified complex security concepts into practical learning modules.
Penetration Tester InternAUG - SEPT 2023
Forensic Academy
  • Trained on Burp Suite, Wireshark, Cisco Packet Tracer, Linux CLI, and malware analysis.
  • Designed enterprise network and performed web pentesting. Completed with Grade A+.
── ◇ ── ◇ ── ◇ ── ◇ ── ◇ ── ◇ ── ◇ ──
achievements.txt
$ cat ~/achievements.txt

Achievement Log

// grep -i "win\|cve" achievements.txt

250+ Hall of Fames
Acknowledged by Australian Govt, WHO, BBC, Boeing, Cambridge, Google, Michelin, and many more.
CVE-2025-56697
Discovered Stored XSS in Kashipara CBT v1.0. Assigned CVE + 1 additional.
425+ Companies Secured
Reports acknowledged by Pirelli, Sweden Police, Proton Mail, BMC Software, Nykaa, and hundreds more.
5x CTF Champion
1st place in Encrypted CTF 2025, RCS 2026, Rootbreach NITJ, Cyberthon, Xploit404.
Certificates of Appreciation
Recognized by Anvas University, Maastricht University, Nykaa, Neoshare.
Published Research
Active writer on Medium and blogs.scriptjacker.in - IDOR, price manipulation, ZoomEye.
hall_of_fame.db
$ SELECT name FROM orgs;
Australian GovtBerlin GovtWHOBBCUNESCOGoogleBoeingMichelinCambridgeGEA GroupZeptoProton MailMediaTekCoinSwitchBASFDeutsche BörsePirelliSweden PoliceBMC SoftwareNykaaClearTaxTwingateWhatfixAirmeetVismaSheffield UniAustralian GovtBerlin GovtWHOBBCUNESCOGoogleBoeingMichelinCambridgeGEA GroupZeptoProton MailMediaTekCoinSwitchBASFDeutsche BörsePirelliSweden PoliceBMC SoftwareNykaaClearTaxTwingateWhatfixAirmeetVismaSheffield Uni
certifications.txt
$ gpg --list-keys

Certifications

// cat ~/certifications.txt

eJPTv2eLearnSecurity Junior Penetration Tester
INE SecurityJan 2026
eWPTXv3Web App Penetration Tester eXtreme
INE SecurityDec 2025
CEHv13Certified Ethical Hacker
EC-CouncilDec 2025
ACAPApiSec Certified Practitioner
APISEC UniversityMar 2026
EHEEthical Hacking Essentials
EC-CouncilFeb 2022
═══════════════════ ◆ ═══════════════════
projects/
$ ls ~/projects/

Projects

// cat ~/projects/*.md

ScriptJacker Recon Tool
Active
End-to-end automated reconnaissance tool. Subdomain enumeration, dir busting, vuln scanning, DNS recon, JS analysis, parameter fuzzing.
Shell/BashPythonRubyReconOSINT
GitHub
ScriptJacker LLP - Platform
Live
Official website & VAPT services platform. Research articles, case studies, security methodologies.
Web SecurityVAPTResearch
Live Site
Security Research & Writeups
Published
IDOR exposing 85k+ emails, checkout price manipulation, ZoomEye dorking for deep endpoint recon.
IDORXSSPrice ManipulationZoomEye
MediumBlog
services.conf
$ systemctl list-services

Services

// cat ~/services.conf

Web Application Pentesting
Comprehensive manual testing using OWASP methodology. Authentication, authorization, injection, business logic.
API Security Testing
REST, GraphQL, SOAP. Auth bypass, IDOR, rate limiting, data exposure, injection vulnerabilities.
Android App Pentesting
Static & dynamic analysis. Reverse engineering, traffic interception, insecure storage.
Network Pentesting
Internal & external network testing. Enumeration, scanning, exploitation, lateral movement.
LLM Security Testing
AI/LLM security assessment. Prompt injection, jailbreaking, data leakage, model manipulation.
Vulnerability Assessment
Systematic identification and classification of vulnerabilities. Risk-prioritized reporting.
Security Consulting
Strategic guidance. Architecture reviews, secure SDLC, compliance readiness.
ctf-wins.log
$ grep "1st" ~/ctf-wins.log

CTF & Bug Bounty

// cat ~/ctf-wins.log

★ 1st Place
Encrypted CTF 2025
ScriptJackers · Crypto, Web, OSINT
★ 1st Place
RCS 2026
ScriptJackers · Web Exploitation, Steg
★ 1st Place
Rootbreach NITJ 2026
ScriptJackers · Full-spectrum
★ 1st Place
Cyberthon
ScriptJackers · Security Challenge
★ 1st Place
Xploit404
ScriptJackers · Exploitation
◆ Active Hunter
Bug Bounty Programs
250+ HoFs · 425+ Companies
── ◇ ── ◇ ── ◇ ── ◇ ── ◇ ── ◇ ── ◇ ──
testimonials.log
$ tail -f reviews.log

Client Feedback

// cat ~/testimonials.log

The reports were accurate, and the discussions were constructive and fair. We're completely satisfied with the service and happy to have our security improved.
Aleksandr Tischenko - CEO, Lamantine Software
They came back shortly with detailed reports. Our platform and users are safer, thanks to ScriptJacker!
Sutty Team - Sutty Labor Cooperative
Communication was quick and thorough, with all information needed to triage and fix bugs. A great experience.
Clement Picquet - Co-Founder, DLX Media
Parth proactively identified security concerns and provided a thorough, well-documented report.
Dave Lowe - Founder & CEO, IsiFederal
education.txt
$ grep education resume.md

Education

// cat ~/education.txt

Bachelor's in Computer Applications
Lovely Professional University, Phagwara
Cybersecurity · CGPA: 9.75 · Aug 2025 - Present
Intermediate - Commerce
Vishvas Senior Secondary School, Hisar
86% · Apr 2023 - Mar 2025
Matriculation
St. Mary's School, Hisar
84% · Apr 2013 - Mar 2023
═══════════════════ ◆ ═══════════════════
hobbies.txt
$ cat ~/hobbies.txt

Hobbies & Interests

// Things I do when I'm not breaking systems

CTF Competitions
War games across crypto, web, forensics, and OSINT categories.
Bug Bounty Hunting
Responsibly hunting vulnerabilities in production applications globally.
Scripting & Automation
Building tools in Bash, Python, Ruby to automate security workflows.
OSINT Research
Open-source intelligence gathering and deep web exploration.
Reverse Engineering
Taking apart binaries and understanding software at the lowest level.
Tech Blogging
Writing detailed writeups, case studies, and research articles.
Linux Ricing
Customizing desktop environments, window managers, and terminals.
Mentoring
Helping the next generation find their path in cybersecurity.
contact.txt
$ ssh parth@contact

Get in Touch

// cat ~/contact.txt

EMAILparth.narula@scriptjacker.in
PHONE+91 7497054662
COMPANYscriptjacker.in
BLOGblogs.scriptjacker.in
GITHUBgithub.com/scriptjacker
LINKEDINLinkedIn Profile
MEDIUMscriptjacker.medium.com