What is penetration testing?

Penetration testing (pentesting) is a simulated cyber attack against your system to check for exploitable vulnerabilities. It helps identify security weaknesses before malicious hackers can exploit them.

How much does a security audit cost?

Security audit costs vary based on scope, complexity, and duration. Basic web application tests start from $2000, while comprehensive enterprise audits can range from $10,000-$50,000. Contact for a custom quote.

What is the difference between VAPT and penetration testing?

VAPT (Vulnerability Assessment and Penetration Testing) combines automated vulnerability scanning with manual penetration testing. VA identifies potential vulnerabilities, while PT actively exploits them to assess real-world impact.

How long does a penetration test take?

Duration depends on scope. A basic web application test takes 3-5 days. Mobile app testing takes 5-7 days. Comprehensive infrastructure assessments can take 2-4 weeks. Includes testing time plus reporting.

Offensive Security Consulting

Suman Roy • Offensive Security Consultant

Specializing in deep manual penetration testing, vulnerability research, and secure code review for modern applications.

Accepting New Engagements

Govt Secured

CVE Research

SCA

0+ CVEs

Manual Testing

Experience

0+ yrs

Schedule Call View Services

C
C++
Kotlin
Java
Python
PHP
Ruby
JavaScript
Go
TypeScript
Kali Linux
Burp Suite
AWS
Wireshark
Docker
WordPress

C
C++
Kotlin
Java
Python
PHP
Ruby
JavaScript
Go
TypeScript
Kali Linux
Burp Suite
AWS
Wireshark
Docker
WordPress

▶ [ ABOUT ]

▶ [001]

About

▶ [002]

Core Skills

Certifications

▶ [003]

Arsenal

Specializations

▶ [ SERVICES ]

Premium
Security
Services

▶ [ EXPERIENCE ]

professional
experience

// ELITE CONSULTING
// RED TEAM OPERATIONS
// SECURITY RESEARCH

▶ [ RESEARCH ]

Vulnerability
research

// CRITICAL FINDINGS
// ENTERPRISE SYSTEMS
// ZERO-DAY EXPLOITS

▶ [ PROJECTS ]

open source
contributions

New

SHELL REMOTE ACCESS

VALAK

Advanced multi-language polymorphic web shell toolkit for red teams and security professionals. Features advanced obfuscation, encryption, modular operations, and interactive client.

PYTHON WEB SHELL

View Project

Popular

Active Maintained

ReconFavicon

OSINT tool for identifying apps & services using favicon hashing. Widely used for reconnaissance and fingerprinting.

PYTHON OSINT

View Project

Growing

Active

Xposed

A fast, parallelized Python tool for detecting exposed .git repositories with resumable state and CSV reporting.

PYTHON SECURITY

View Project

Active

Automation

PRISM

Professional vulnerability reporting tool for penetration testers and bug bounty hunters.

PYTHON SECURITY

View Project

Community

Visualization

Nmap XML Visualizer

Interactive visualizer for Nmap XML output — simplifies analysis and reporting in the browser.

HTML JAVASCRIPT

View Project

Upstream

Open Source

FFUF Contribution

Contributed improvements to FFUF — one of the most widely used fuzzers in cybersecurity. PR merged into upstream.

GO FUZZING

View PR

View all repositories

▶ [ TESTIMONIALS ]

trusted by
industry leaders

Enterprise Verified

“Suman brings a rare combination of deep technical expertise and real problem-solving ability. He consistently delivers results, solves complex issues, and exceeds expectations every single time.”

Aditya Seth

Vulnerability Analyst • PSIRT

Leadership Verified

“A dependable specialist with excellent team skills. Suman’s judgment and decision-making consistently improve outcomes. One of the best professionals I’ve had the pleasure of managing.”

Indrajit Mondal

Ex-EY • Ex-Wipro

Operations Verified

“A hardworking and reliable professional. His grasp of systems and troubleshooting lays a strong foundation for the advanced security expertise he delivers today.”

Sairam Satyavada

Deputy General Manager

Mentor Verified

"Highly professional and extremely hardworking. Suman will be an asset to any organization that values security excellence and continuous improvement."

Siddharth Chowdhury

Product Support Engineer • Mentor

Mentor

“Highly professional and extremely hardworking. Suman will be an asset to any organization that values security excellence.”

Siddharth Chowdhury

Product Support Engineer

Enterprise

“Dedicated professional with an exceptional ability to solve problems and deliver results.”

Aditya Seth

Vulnerability Analyst

Leadership

“Excellent team player with strong decision-making and collaboration skills.”

Indrajit Mondal

Manager • Ex-EY

Ops

“Hardworking and detail-oriented. Strong foundational skills that translate into great security work.”

Sairam Satyavada

Deputy GM

▶ [ FAQ ]

frequently
asked

▶ [ CONTACT ]

let's talk

Schedule a consultation or reach out directly. Available for security assessments, penetration testing, and enterprise security projects.

Open for engagement

secureme@sumanroy.in

Quick Response

For urgent security matters or immediate assistance

Send Urgent Email → Call +91 790 847 6597

Connect

Prefer Email?

Drop me a message and I'll respond within 24 hours.

Avg. response time: 4-8 hours

Book Consultation

30-minute security strategy session

Suman Roy - Security Researcher | Penetration Testing & Bug Bounty Hunter

Offensive Security Consulting

About

Core Skills

Certifications

Arsenal

Specializations

Premium Security Services

professionalexperience

Vulnerabilityresearch

open sourcecontributions

VALAK

ReconFavicon

Xposed

PRISM

Nmap XML Visualizer

FFUF Contribution

trusted byindustry leaders

frequentlyasked

let's talk

Book Consultation

Premium
Security
Services

professional
experience

Vulnerability
research

open source
contributions

trusted by
industry leaders

frequently
asked