IoTWiz — Khushal Mistry | IoT Pentester & Security Researcher

# ╔══════════════════════════════════════╗

# ║ KHUSHAL MISTRY — IoTWiz ║

# ╚══════════════════════════════════════╝

## whoami

  ╭──────────────────────────────────────────────────╮
  │  ██╗  ██████╗ ████████╗██╗    ██╗██╗███████╗     │
  │  ██║ ██╔═══██╗╚══██╔══╝██║    ██║██║╚══███╔╝     │
  │  ██║ ██║   ██║   ██║   ██║ █╗ ██║██║  ███╔╝      │
  │  ██║ ██║   ██║   ██║   ██║███╗██║██║ ███╔╝       │
  │  ██║ ╚██████╔╝   ██║   ╚███╔███╔╝██║███████╗     │
  │  ╚═╝  ╚═════╝    ╚═╝    ╚══╝╚══╝ ╚═╝╚══════╝     │
  ╰──────────────────────────────────────────────────╯

root@iotwiz:~$ █

Security Analyst IoT Pentester 6+ Years in Security

## About

➜ I'm Khushal Mistry, a Security Analyst with 6+ years of experience across multiple security domains. I've done it all — web apps, Android, iOS, network pentesting, source code review, and thick client assessments.

➜ But when I discovered IoT security, everything changed. I fell in love with breaking into connected devices. For the last 2+ years, I've been hunting vulnerabilities in IoT ecosystems — and I haven't looked back.

➜ Currently at NetSquare, I handle multiple IoT security projects single-handedly. Alongside my job, I do my own research — testing smart cameras, routers, and custom hardware — because breaking things is how I learn best.

➜ I believe there's no proper IoT-specific certification out there. So instead of collecting certificates, I'm sharing my knowledge and experience with the community — because growing together matters more.

6+

Years in Security

2+

Years IoT Focus

7+

Security Domains

∞

Research Drive

#!/bin/bash
                            
# skills.sh —
                                    Security Arsenal
 
load_module "IoT
                                            Security"
Firmware Reverse Engineering
Hardware Hacking (UART, JTAG, SPI)
Protocol Analysis (MQTT, CoAP, ZigBee)
Smart Camera & Router Pentesting
Embedded Systems & Custom Hardware
load_module "Application
                                            Security"
Web Application Pentesting
Android Application Testing
iOS Application Testing
Thick Client Assessment
load_module "Network &
                                            Source Code"
Network Pentesting
Source Code Review
Wireless Security (WiFi, BLE, RF)
load_module "Tools &
                                            Languages"
Burp Suite
Nmap
Wireshark
Metasploit
Frida
Ghidra
Binwalk
Python
Bash
Objection
MobSF
JADX
Logic Analyzer
Raspberry Pi
SDR
OpenWRT

// experience.json

{

"career": [

"period": "2024 — Present"

"role": "Security Analyst — IoT Specialist"

"org": "NetSquare"

// Leading multiple IoT security projects single-handedly
// Testing smart cameras, routers & custom embedded hardware
// Firmware analysis, hardware hacking & protocol pentesting
// Self-driven IoT research & learning alongside work

"period": "2020 — 2024"

"role": "Security Analyst — Multi-Domain"

"org": "Security Consulting"

// Web application penetration testing & OWASP assessments
// Android & iOS mobile application security testing
// Network infrastructure & thick client pentesting
// Source code review for critical vulnerabilities

"period": "Alongside Job"

"role": "Self-Driven IoT Research"

"org": "Personal Lab + Community"

// Tearing apart smart cameras for fun & learning
// Analyzed 3+ routers for firmware vulnerabilities
// Custom hardware security testing & exploitation
// Sharing findings with the security community

]

}

# certs.conf — My
                                    Philosophy on Certifications
 
🧠
[philosophy]
belief = "No IoT-Specific Cert Exists"
reason = "I've searched, but no certification truly covers IoT
                                                pentesting in depth."
status = CONVICTION
🔬
[approach]
method = "Learn by Research"
details = "I learn by tearing apart real devices — cameras,
                                                routers, custom hardware."
status = ACTIVE
🌐
[community]
mission = "Share, Don't Hoard"
details = "Instead of certificates, I share my knowledge and
                                                experience with the community."
status = GROWING
🚀
[goal]
vision = "Grow Together"
details = "When the community expands with me, that's the real
                                                certification."
status = ∞ ONGOING

# projects/ — Security Research & Tools

📹

Smart Camera Pentest

● RESEARCH

// Full security assessment of a smart camera
// Firmware extraction, network traffic analysis, API testing

Binwalk Wireshark Burp Suite

📡

Router Firmware Analysis

● RESEARCH

// Analyzed 3+ consumer routers for vulnerabilities
// Found hardcoded credentials, command injection, and more

Ghidra Binwalk OpenWRT

🔓

NetSquare IoT Assessments

● PRIVATE

// Multiple IoT security projects handled single-handedly
// End-to-end: hardware, firmware, protocol & cloud testing
// Thank you NetSquare for providing such a great experience & path to explore 🙏

UART JTAG SPI

⚡

Custom Hardware Hacking

● LAB

// Building & breaking custom embedded hardware
// Hands-on exploitation of debug interfaces & buses

Logic Analyzer Raspberry Pi SDR

# contact.cfg — Establish Connection

[connection]
protocol = "secure_message"
encryption = AES-256
status = LISTENING
                                    
 

$ sender_name =

$ sender_email =

$ message =

⟁ GitHub ◈ LinkedIn ◉ Twitter / X ◎ Email