Hello, I'm

Vasudev Goud
Bikki

// |

Application security enginner and a pasionate penetration tester with strong knowldge and experience in the cybersecurity.

View CV My Work
Vasudev Goud Bikki
vasudev@dtu:~$

$ nmap -sV target.host

PORT STATE SERVICE

22/tcp open ssh

80/tcp open http

$ python3 exploit.py_

// my story

About Me

My journey into cybersecurity began with a simple question: how do systems fail when viewed from an attacker's perspective? That curiosity led me from India to Denmark to pursue a Master's degree in Cybersecurity at the Technical University of Denmark. Since then, I have focused on developing an adversarial mindset — not only understanding how systems are built, but how they can be broken, manipulated, and exploited under real-world conditions.

At DTU, I don't just study attacks — I simulate them. I've conducted penetration testing to expose top OWASP vulnerabilities, and run full kill-chain penetration tests with Metasploit, Nmap, Kali Linux, Wireshark and Burp Suite. I also served as a Teaching Assistant at DTU, supporting Master's courses in Cybersecurity and AI.

Alongside my studies, I worked as a Student Assistant — Application Security Engineer at Philips Medisize, conducting SAST, DAST, and runtime security testing of Android mHealth applications aligned with OWASP MASVS/MASTG, and mapping findings to regulatory controls.

For my Master's thesis — Mobile Healthcare Application Cybersecurity — I gathered security requirements from healthcare regulations including FDA, HIPAA, EU MDR, GDPR, OWASP MASVS and NIST SSDF. I then built HAVA (Health Apps Vulnerability Assessment), a tool to assess applications against those regulatory requirements, integrated it into the development lifecycle so security is evaluated during the building phase, and delivered findings reports directly to developers. The thesis was graded 12 out of 12.

I now work as a Freelance Penetration Tester, assessing web applications for OWASP Top 10 vulnerabilities and delivering structured remediation reports. I operate on one conviction: you cannot defend what you don't fully understand. Outside the terminal, I'm a boxer, a dance choreographer, and a volleyball captain.

Freelance Pentester AppSec Engineer DTU MSc Python Healthcare Security Thesis 12/12 Boxer Team Captain
University
DTU
Specialization
Cybersecurity
Current Role
Pentester
Thesis Grade
12 / 12
vasudev.py 
class Vasudev:
  role    = "Penetration Tester"
  uni     = "DTU, Denmark"
  thesis  = "Mobile Helathcare Application Cybersecurity"
  tools   = [
    "Burp Suite", "Frida",
    "JADX", "Nmap",
    "Metasploit",
  ]
  mindset = "Think like attacker,
            defend like engineer"
0/12 Thesis Grade
0+ Security Projects
0+ Tools & Frameworks
0+ Years in Cybersecurity
// academic path

Education

2024 – Present Active

Technical University of Denmark (DTU)

MSc — Computer Science & Engineering, Cybersecurity Specialization

Studying advanced topics including ethical hacking, network security, data security, incident response, AI, and research in blockchain cyber-physical systems. Working on real-world penetration testing projects and security simulations.

Ethical Hacking Network Security SIEM / IDS Blockchain Security AI
2019 – 2023

Gurunanak Institutions of Technical Campus

BE — Electronics & Communication Engineering

Built a strong foundation in electronics, circuit design, signal processing, and communication systems. Developed early interest in how hardware and software systems interact — the foundation of systems security thinking.

Electronics Communication Systems Signal Processing
Jan 2025 – Mar 2026 Industry

Philips Medisize — Application Security Engineer

Student Assistant & Master's Thesis · Copenhagen, Denmark

Conducting SAST, DAST, and runtime security testing of Android mHealth apps aligned with OWASP MASVS/MASTG. Developed HAVA — an automated Python tool for assessing regulatory security requirements (FDA, EU MDR, HIPAA, GDPR), integrated into CI/CD pipelines. Thesis graded 12/12.

SAST / DAST OWASP MASVS FDA / EU MDR Android Security CI/CD
// hands-on experience

Work & Projects

Work Experience

Freelance Penetration Tester

Self-Employed  ·  Remote

Mar 2026 – Present
  • Conducting penetration testing on web applications including Telangana Association and Lotus Bytes.
  • Assessing applications for OWASP Top 10 vulnerabilities — SQL injection, XSS, authentication issues, and security misconfigurations.
  • Documenting findings and delivering remediation reports to improve application security posture.
Web Penetration TestingOWASP Top 10Burp SuiteSQL InjectionXSS

Student Assistant — Application Security Engineer

Philips Medisize  ·  Copenhagen, Denmark

Jan 2025 – Feb 2026
  • Conducted application security design reviews and code-level vulnerability analysis in close collaboration with development teams.
  • Performed SAST, DAST, and runtime security testing of Android applications aligned with OWASP MASVS and MASTG.
  • Identified and mitigated risks in authentication flows, secrets handling, cryptography, secure storage, IPC, and API communication.
  • Supported incident analysis, log review, and runtime monitoring to investigate abnormal application behavior.
  • Mapped security findings to FDA and EU MDR controls, strengthening audit readiness and compliance documentation.
SAST / DASTOWASP MASVS / MASTGAndroid SecurityPenetration TestingIAMFDA / EU MDRBurp SuiteFrida / JADX

Master's Thesis — Mobile Healthcare Application Cybersecurity 12 / 12

Philips Medisize  ·  Copenhagen, Denmark

Sep 2025 – Mar 2026
  • Gathered security requirements from healthcare regulations such as FDA, HIPAA, EU MDR, GDPR, OWASP MASVS and NIST SSDF to define a comprehensive regulatory security baseline for mHealth apps.
  • Built HAVA (Health Apps Vulnerability Assessment) — a Python tool to assess healthcare applications against those regulatory security requirements.
  • Integrated HAVA into the development lifecycle so security requirements are evaluated during the building phase, not after.
  • Delivered structured findings reports directly to developers, enabling targeted remediation at the source.
PythonFDA / HIPAAEU MDR / GDPROWASP MASVSNIST SSDFGitHub CI/CD

Teaching Assistant — Master's Courses

Technical University of Denmark (DTU)

Sep – Dec 2025
  • Fundamentals of Cybersecurity: Assisted Master's students with core concepts, CTF exercises, and assignment evaluation.
  • Logical Theories for Uncertainty & Learning: Supported Master's in AI students on First-Order Logic and Game Theory; evaluated assignments.
CTFCybersecurityGame TheoryTeaching
Academic Projects

Android App Reverse Engineering

Reverse-engineered Android applications to expose top OWASP vulnerabilities — broken authentication, insecure storage, insufficient cryptography, and improper platform usage. Delivered actionable mitigation reports covering input validation and secure authentication.

Reverse EngineeringOWASP MASVSAndroidJADX / Apktool

Cyber Ship Security Assessment

Conducted an NIST based cybersecurity risk assessment for maritime systems using the NIST framework. Evaluated threats and vulnerabilities in critical shipping infrastructure and developed structured mitigation strategies.

NISTRisk AssessmentCritical Infrastructure

Python Security Toolkit

Built a suite of security scripts from scratch: password strength analyzer, DNS record explorer, network port scanner, firewall configurator (iptables), and default-credential tester — each tested in live environments.

PythonPort ScanningDNS Reconiptables

Full Kill-Chain Penetration Tests

Simulated end-to-end cyberattacks using the Cyber Kill Chain framework with Metasploit, Nmap, and Burp Suite — across recon, exploitation, and post-exploitation phases.

MetasploitNmapBurp SuiteCyber Kill Chain

Blockchain Security Research

Systematic literature review on blockchain applications in cyber-physical systems. Analyzed how distributed ledger technology enhances security, integrity, and transparency where digital and physical components intersect.

BlockchainCyber-Physical SystemsResearch

Personal Portfolio Website

Designed and built this cyberpunk-themed developer portfolio from scratch — dark glassmorphism UI, matrix rain canvas, particle system, SVG line art, 3D card hover, animated skill meters, and scroll-driven effects. Deployed via GitHub Pages.

HTML / CSSJavaScriptCanvas APIGitHub Pages
vasudev.info
// arsenal

Skills & Tools

Application Security

Penetration Testing (SAST / DAST)
Android Security (MASVS / MASTG)
OWASP Top 10 / Vulnerability Assessment
Reverse Engineering (JADX / Frida)
Incident Response (SIEM / IDS)

Programming

Python
SQL
HTML / CSS
Java (Basics)
Bash / Linux

Security Tools

Burp Suite Frida JADX Apktool Metasploit Nmap Wireshark iptables GitHub Actions

Standards & Frameworks

OWASP MASVS / MASTG NIST SP 800-30 ISO 27001 FDA EU MDR HIPAA / GDPR Cyber Kill Chain CORAS

Languages

English — Fluent Danish — Beginner Telugu — Native
// beyond the screen

Extracurricular

🇮🇳 🇩🇰
tsad.dk
Board Member

Telangana Association of Denmark

Representing and uniting the Telangana community across Scandinavia — organizing cultural events, supporting incoming Indian students, and fostering connections between professionals and scholars in Denmark.

Community Leadership Cultural Events Student Support Cross-Cultural Bridge

Gym & Boxing

Discipline · Focus · Resilience

Boxing demands pattern recognition, composure under pressure, and rapid counter-decisions — the same traits that make an elite penetration tester.

Dedication
95%
Consistency
90%

Dance Choreography

Creativity · Coordination · Flow

Choreographing is systems design — coordinating multiple agents toward a timed, unified output. That orchestration mindset maps directly to security incident coordination.

Creativity
88%
Performance
82%

Volleyball Captain

Leadership · Strategy · Teamwork

Captaining means reading the game in real-time, rotating resources, and making split-second calls — not unlike red team coordination during a live engagement.

Leadership
92%
Strategy
85%