Kartik Jain — Backend Developer & Cybersecurity Researcher
Kartik Jain (jkartik) is a backend developer and cybersecurity
researcher based in Mumbai, India. He designs and builds secure,
scalable backend systems and developer tools, and researches application security —
with responsible disclosures to companies including Meta (WhatsApp) and Microsoft.
He is available for freelance projects.
About
Kartik is a backend & security engineer focused on secure system design,
automation, and digital infrastructure. He builds production backends with Node.js,
FastAPI, and PostgreSQL, and works on the offensive-security side through
vulnerability research and responsible disclosure.
Hire Kartik (Freelance)
Kartik is available for freelance cybersecurity and backend engineering work,
including security assessments, penetration testing, secure backend development,
and API development. To discuss a project, email
contact@jkartik.in.
Technical Skills
- Languages: Python, TypeScript, Dart, C++, Java
- Backend: Node.js, FastAPI, Flask, Express.js
- Databases: PostgreSQL, Drizzle ORM, MongoDB, Neo4j
- Security: Burp Suite, Nmap, Semgrep, Nuclei, Sliver C2
- DevOps: Docker, Nginx, Redis, CI/CD
- Cloud: AWS, Azure, GCP, Oracle Cloud
- Tools: Git, Postman, Linux (Arch, Ubuntu)
Featured Projects
- mpstme.pics — Production-grade photo-sharing platform backend built with Node.js, Express, PostgreSQL, Drizzle ORM, and AWS S3.
- Event Registration Platform — Full-stack event system with Cashfree payments, email confirmations, QR-based ticket scanning, and admin analytics.
- Event App Backends — FastAPI + PostgreSQL systems powering the Taqneeq Fest and Mumbai MUN Flutter apps with referral systems and real-time sync.
- Certificate Portal — Automated event certificate generator and verifier supporting CSV batch upload and template positioning.
- F1 Semicolon — Real-time multiplayer quiz racing game using Node.js, WebSockets, and Redis.
Security Research & Responsible Disclosures
- Reported a privilege-escalation vulnerability in Meta's WhatsApp.
- Disclosed vulnerabilities in Microsoft Intune and Exchange Admin.
- Responsible disclosure of a Stored XSS in the Mumbai Police website (via CERT-In).
- Found critical exposures in The Souled Store and Belgian Waffle Co. (potential infrastructure/CRM compromise).
Leadership
Technical SuperCore at ACM MPSTME and Technical Head at Taqneeq & Mumbai MUN,
leading 150+ students in cybersecurity awareness and technical development.
Frequently Asked Questions
Who is Kartik Jain?
Kartik Jain is a backend developer and cybersecurity researcher based in Mumbai, India, who has responsibly disclosed vulnerabilities to companies including Meta (WhatsApp) and Microsoft.
Is Kartik Jain available for freelance work?
Yes. Kartik takes freelance cybersecurity and backend projects — security assessments, penetration testing, and secure backend/API development. Reach him at contact@jkartik.in.
What does Kartik Jain specialize in?
Backend engineering with Node.js, FastAPI, and PostgreSQL, and application security including vulnerability research and penetration testing.
How can I hire or contact Kartik Jain?
Email contact@jkartik.in (or security@jkartik.in for security reports). He is also on GitHub (KartikJain14) and LinkedIn (kartikjain1410).