💬 Connect with Us
You can follow and reach out to the OWASP SCS team in many ways.
- Send us your questions and ideas to GitHub Discussions
- Stay always up-to-date by following us on Twitter.
- Join our Slack community
If you'd like to contribute, take a look at our Contributions page or reach out to the project leaders Carlos or Sven.
Request an invitation to join our Slack channel #owasp-scs
OWASP SCS Project Leaders
Shashank
@cyberboyIndia
Shashank brings over a decade of expertise in uncovering vulnerabilities, reporting them to reputable institutions, conducting pentests, and overseeing responsible disclosure and bug bounty initiatives. His contributions have earned him a place in the Security Hall of Fame for Apple (CVE-2017-7063, CVE-2017-7062, CVE-2017-2458), Twitter, Google, Facebook, Dropbox, and more than 40 other organizations, showcasing his knack for identifying significant security concerns.
Apart from Bug Bounties, Shashank has worked as a security analyst for HackerOne and performed 200+ pentests with Cobalt. He was also a security engineer for Web3 Company Avalanche before starting his venture CredShields where he is building an AI-powered cloud-based Smart Contract Security Scanner called SolidityScan.com
OWASP SCS Project Maintainers
Pratik Lagaskar
@warlordsam077
Pratik is a Security Researcher at CredShields, focused on postmortems of web3 rekts, TX analysis & OSINT, tokenomics, and research into web3 security. Previously, Pratik has worked in traditional security with expertise in Red Teaming, code reviews (with proficiency in linters, fuzzers, CodeQL, Semgrep, CxQL), DevSecOps, hypervisor and browser security. He also holds various web2 security certifications. Pratik is very active in all types of CTFs, a major contributor to GSoC and OWASP; and has also won multiple hackathons. He has in-depth working experience with Go, Rust and good understanding of Solidity and Move. Currently, he is dabbling with web3sec and expanding his knowledge in EVM internals, various DeFi protocols, altchains (Cosmos, Solana), node reviews, hash-based snargs and Formal Verification (CVL, Coq and Dafny). When he is not working, Pratik spends majority of his free time strengthening audit skills by participating in contests and bug bounties.
Nehal Pillai
@nehal_10_0
Nehal Pillai has been a security researcher at CredShields and a cybersecurity graduate student at the University of Maryland, College Park. At CredShields, he has been a part of the team developing SolidityScan, an AI-powered cloud-based Smart Contract Security Scanner, driving innovation in smart contract security. With a deep passion for ethical hacking and as an OSCP-certified professional, Nehal specializes in uncovering vulnerabilities, conducting penetration tests, and securing digital assets. As a bug bounty hunter, Nehal has secured over 100 prominent companies through platforms like HackerOne, including major players like Apple and Google. He proudly represented India at the BlackHat MEA 2022 CTF World Finals, showcasing his expertise on a global stage.In addition, Nehal has identified over 35 vulnerabilities, which have been assigned CVEs and registered under MITRE and NIST NSD, making significant contributions to the cybersecurity community.