0%
PORTFOLIO // v2.0 BASED IN INDIA 00:00:00 IST

SHASHWAT SHAH

> SECURITY ENGINEER / VAPT / FOUNDER — CODIFY

I break into systems so attackers can't — and build the web presences businesses run on.

01

WHO AM I

22-year-old security professional with a builder's brain. Bachelor's in Computer Applications, Master's in Cybersecurity — now running vulnerability assessments & penetration tests against real-world targets.

In 2025 I founded Codify — an agency that designs and builds websites, grows them with marketing and SEO, and then hardens them with offensive security testing. Most agencies build. Most security firms break. We do both, which means everything we ship is built to survive an attack.

Lately I'm deep into AI & agentic systems — agentic coding, and pushing AI into offensive security. I've wired Claude Code into Burp Suite via a custom MCP server, and built a Kali MCP server too — so an AI agent can actually drive the tools I pentest with. The future of VAPT is human judgement plus agentic speed, and I'm building toward it.

0+ VULNERABILITIES REPORTED
0 DEGREES — BCA / M.Sc CYBERSEC
0 SERVICE VERTICALS AT CODIFY
02

WHAT CODIFY DOES

VISIT CODIFY ↗
/01

WEB DEVELOPMENT

High-performance websites and web apps — engineered, not templated. From landing pages to full products, built fast and built secure from line one.

FRONTENDBACKENDE-COMMERCEWEB APPS
/02

MARKETING & SEO

A site nobody finds is a liability. Technical SEO, content strategy and performance marketing that put you on page one — and keep you there.

TECHNICAL SEOCONTENTANALYTICSADS
/03

CYBERSECURITY — VAPT

Vulnerability assessment and penetration testing by people who do it daily. We attack your infrastructure the way a real adversary would — then hand you the report and the fixes.

WEB APP PENTESTNETWORK VAPTAPI SECURITYREPORTING
03

ARSENAL

// OFFENSIVE

  • Burp Suite Pro
  • Nmap / Nessus
  • Metasploit
  • OWASP Top 10
  • API Testing

// BUILD & AI

  • JavaScript / TS
  • Python
  • React / Node
  • MCP / Agentic AI
  • Claude Code

// GROWTH

  • Technical SEO
  • Google Analytics
  • Search Console
  • Performance Audits
  • Content Strategy

// STANDARDS

  • OWASP WSTG
  • PTES
  • CVSS Scoring
  • ISO 27001 aware
  • Report Writing
04

SELECTED WORK

01 2026

STOCK BROKING PLATFORMS

FINTECH / TRADING — CONFIDENTIAL

Web & API penetration tests across multiple stock-broking platforms — authentication, order execution, funds movement and trading workflows tested against real adversary tactics.

WEB APP PENTESTAPI SECURITYTRADING FLOWS
MULTIPLE BROKERS
ASSESSED
02 2026

AI-AUGMENTED PENTESTING

SECURITY R&D — OWN TOOLING

Built custom MCP servers wiring Claude Code into Burp Suite and Kali Linux — letting an AI agent drive real offensive tooling: recon, request tampering and exploitation, human-in-the-loop.

MCP SERVERBURP SUITEKALIAGENTIC AI
AI-DRIVEN
OFFENSIVE OPS
03 2025

STATE ENTRANCE-EXAM PORTAL

GOVERNMENT / EDTECH — CONFIDENTIAL

Admin-portal VAPT for a large state-level entrance-examination system — access control, privilege boundaries and candidate-data protection across the administrative back-end.

WEB APP PENTESTACCESS CONTROLADMIN PANEL
ADMIN PORTAL
HARDENED
04 2025

PSYCHOLOGY PRACTICE SITE

HEALTHCARE — WEB BUILD

End-to-end website for a practising psychologist — a calm, trustworthy design with appointment enquiry, service pages and on-page SEO baked in.

WEB BUILDUI / UXON-PAGE SEO
BUILT + SHIPPED
END TO END
05 2026

CODIFY — AGENCY SITE

SELF-INITIATED — LIVE ↗

The flagship site for my own agency — a design playground packing 18 distinct design styles under one roof, from brutalist to glassmorphic. Built to prove range: whatever look a client wants, we can ship it.

WEB BUILD18 DESIGN STYLESMOTIONOWN BRAND
18 STYLES
ONE BUILD

* CLIENT NAMES WITHHELD UNDER NDA — FULL CASE STUDIES & REPORTS ON REQUEST

> INITIATE HANDSHAKE

LET'S BUILD
SOMETHING SECURE