Rachit Arora

whoami

I’m Rachit, a former Security Engineer intern at Amazon. I play CTFs with L3ak CTF Team.

I write about security. Connect with me on LinkedIn.


Work Experience


Education

Master of Engineering (M.Eng.) in Cybersecurity, University of Maryland, College Park - UMD - Graduated December 2025

Bachelor’s degree in Information Technology, Sikkim Manipal Institute of Technology - SMU - Graduated 2023


Speaker and CTF Developer Experience

Think You’re Stealthy? How to Detect Attacks in AD

• Presented at BsidesCharm 2025 by Rachit Arora, Aakash Raman, Sai Sathvik Ruppa.

• As Active Directory attacks rise, red teamers often focus on “pwning” systems, but real-world engagements require understanding the artifacts these tools leave. In “Think You’re Stealthy? How to Detect Attacks in AD”, we’ll explore the workings of commonly used AD pentest tools and the artifacts they leave behind. Ideal for anyone looking to deepen their knowledge of defense in AD environments.

• You can find the slides here: GitHub

CTFs I created with Cloud Village

• Collection of CTFs I have built for different villages for various conferences like Defcon, RSA and Bsides.

• You can see all the challenges I made here: GitHub

Certifications & CVEs

CVE-2023-47184

• Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in the Proper Fraction LLC Admin Bar & Dashboard Access Control plugin, versions <= 1.2.8. More information about CVE-2023-47184 here

CVE-2023-49743

• Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in the Dashboard Widgets Suite plugin, versions <= 3.4.1. More information about CVE-2023-49743 here

Certifications


CTFs


Have any questions?

Do you have any questions? Feel free to reach out to me on Twitter or on LinkedIn.