CyberSecurity-Focused Developer | Bug Hunter | Open Source Contributor

📍 Noida, India | 🎓 MCA (CyberSecurity) | 🛠️ Flutter • Node.js • JavaScript • Containers and 5+ skills

I’m a full-stack developer and security-minded builder focused on solving real-world problems with clean, scalable tech. I don’t just write features — I find flaws, fix them, and ship systems that work under pressure.

From breaking into live class streams to architecting AI-powered helpdesks — I thrive where logic meets loopholes.

“on September2 2025, After live class, I noticed something off — I could still access the video without being logged in.”

I dug deeper:

• Opened DevTools → no logout triggered
• Copied the video URL → played it in incognito tab → worked without auth
• Recorded proof → reported responsibly → stopped immediately

✅ Impact: Prevented potential content leaks
✅ Action: Reported privately with video evidence
✅ Ethics First: Never shared exploit, never abused access

This isn’t hacking — it’s responsible disclosure. And it’s why teams trust me with their systems.

Problem: Security tools are either too basic or illegal to use.
Solution: Built an advanced, modular toolkit for authorized penetration testing — with built-in ethics guardrails.

• Obfuscated strings + stealth loaders to avoid detection
• Persistence via registry/cron + SMTP exfiltration (for lab use only)
• Auto-installer + PyInstaller build → ready for controlled environments
• ⚠️ Strict legal disclaimers + audit logs included

Problem: Blood requests get lost. Donors don’t know where to go.
Solution: Built a Node.js + MongoDB backend that matches donors to patients in real-time.

• JWT auth + role-based access
• Smart matching engine based on blood type, location, urgency
• Email alerts + donation tracking
• Deployed with Netlify frontend → used by 500+ people

Problem: Manual attendance = errors, delays, fraud.
Solution: Cross-platform Flutter app that lets teachers mark attendance using student photos — fast, accurate, offline-capable.

• Supabase backend + PostgreSQL
• Carousel UI for quick face-based marking
• Export reports, multi-language, calendar sync
• Deployed in 3 colleges → reduced admin time by 70%

Teachers love it. Admins rely on it.

Problem: AI chatbots break when they don’t know the answer. Humans get overloaded.
Solution: Designed a flow where AI routes unknown queries → suggests KB articles → admins create them → system gets smarter.

• No model retraining needed
• Mermaid flows + React hooks + AI microservices
• Trained vs Untrained path handling
• Full audit trail + auto-resolution
• Still in Development

• JavaScript (Advanced) — Async deep dive, closures, event loop, microtasks, DOM optimization
• DSA Fundamentals — Arrays, Hashing, Two Pointers, Sliding Window, Recursion, basic Trees & Graphs
• CyberSecurity — System hardening, network scanning, OWASP Top 10, bug bounty mindset, basic exploit analysis
• Node.js Security — Helmet, rate limiting, input sanitization, JWT best practices, CSRF protection, secure headers
• Docker for Backend Devs — Containerize Node + MongoDB/SQL/Postgressql, docker-compose workflows, multi-stage builds, volume management
• API Design & Testing — REST standards, status codes, Postman automation, contract testing with Supertest, Swagger docs
• MongoDB Advanced — Aggregation pipelines, indexing strategies, schema design, performance tuning, replica sets (basics)
• Backend Resilience — Centralized error handling, logging with Winston/Morgan, graceful shutdowns, health/liveness endpoints

(Focusing on core web + mobile + security stack — no Java/AWS distractions)

• Code Quest — Contributed bug fixes + UX improvements for coding challenge platform
• OpenFiesta — Helped optimize event registration flow + added dark mode toggle
• cyberThreat / BloodConnect / SmartCampus — Sole/major contributor, maintainer, documenter

I don’t just “contribute” — I own modules, write docs, review PRs, and mentor new contributors.

MCA (CyberSecurity Specialization) — Ongoing
BCA — Agra University (2022-2025)

JavaScript TypeScript Python Dart Java

Node.js Express Flutter Supabase MongoDB Firebase

Lmarena.ai n8n Cursor.sh Warp Terminal GitHub Copilot Claude / ChatGPT

Ethical Hacking Secure Auth (JWT/OAuth) Input Sanitization Code Obfuscation

Git Docker Postman VS Code Android Studio MongoDB Compass mongosh

📧 coccoder999@gmail.com
🐙 github.com/tarun1sisodia
💼 linkedin.com/in/tarunsisodia
🐦 @tarunsisodia

“I don’t wait for permission to solve problems. I find them, fix them, and share how I did it — so others don’t have to.”

— Tarun Sisodia