Pinaka is a security recon platform built by Parth Shukla. It is the first MCP-native security tool, allowing you to chat with your attack surface through Cursor, Claude Desktop, or any MCP client. It includes subdomain discovery, vulnerability scanning, an autonomous AI pentest agent, and 24/7 watchdog monitoring.

Parth Shukla is an AI Security Engineer at Harness. He is a conference speaker who has presented at 11+ events across 3 countries including BSides, OWASP, Hack.lu, and AI Dev World. He is the creator of Pinaka, PromptGuard, Intent Sentinel, and LLM Red Team Ranger.

How much does Pinaka cost?

Pinaka offers a free Starter plan, a Hunter plan from $25/month for individual researchers, and an Elite plan from $49/month for professional teams. A Founding Member program offers 30% off forever for the first 100 members.

Parth Shukla

Security Engineer focused on AI and API risk, building tools to defend systems before they break.

Creator of Pinaka, Intent Sentinel, and PromptGuard. Speaker at BSides, OWASP, AI Dev World, and 8+ other security conferences.

Career Journey: Building at the Intersection of AI and Security

Building offensive security tools and defending AI systems — one year at a time.

Security Research Engineer - AI Security at Harness (2025 - Present)

Bengaluru, India

Working on Security for AI and AI for Security.
Securing AI workloads and dogfooding the Harness platform to deploy agentic security infrastructure (Pinaka) at scale.

AI Engineer at Aikido Security (2025)

San Jose, USA

Built and deployed security AI agents for automated exploit testing, improving prompt logic and performance.
Created real vulnerable environments from GitHub Advisories to validate and refine exploit capability of AI Agents.

Security Analyst and Builder at Cequence Security (2024)

San Jose, USA

Performed live API monitoring and conducted real-time threat audits, dramatically enhancing incident detection and response capabilities.
Spearheaded the creation of advanced test suites for API Security Testing — fully aligned with OWASP API Top 10 and LLM Top 10 standards.
Found and reported critical security vulnerabilities in customer environments and Fortune 500 companies.

Security Analyst at Cequence Security (2023)

San Jose, USA

Performed live API monitoring and conducted real-time threat audits, enhancing incident detection and response.
Spearheaded advanced test suites aligned with OWASP API Top 10 and LLM Top 10 standards.
Launched Intent Sentinel, an AI firewall for chat using Next.js and GPT-3.5 for intent and trust filtering.

Student Network Technician at Northeastern University (2022)

Boston, USA

Spearheaded the Invisible Defense Project, deploying Juniper switches and port patches to strengthen campus network security.
Configured network switches via CLI and optimized wireless infrastructure across campus.
Began speaking at security conferences, sharing research on offensive security techniques.

Security Analyst at Tata Consultancy Services (2020)

Gandhinagar, India

Conducted thorough security assessments to identify and address critical vulnerabilities, enhancing system integrity.
Built a Java-based backend framework with Spring Tool Suite for internal platforms, enabling access for 10,000+ employees.
Achieved 2nd place in TCS's global Best Ethical Hacker competition.
Won the Innovation Pride Award in Q1 for groundbreaking security framework improvements.

Projects: Tools I've Built

Open-source and production security tools focused on AI, APIs, and offensive automation.

Pinaka

Subdomain reconnaissance and API attack surface management platform. Automates recon for Red Team operations with real-time discovery and ML insights.

Technologies: AWS Fargate, Serverless Lambda, Harness CI/CD, Agentic AI, Python

Try Pinaka

PromptGuard

LLM system prompt vulnerability scanner that identifies prompt injection, content leaks, and behavioral override triggers. Integrated with Gemini.

Technologies: OWASP LLM Top 10, Gemini, Python

Intent Sentinel

AI firewall for LLM input classification. Filters malicious intent and trust levels in real-time chat applications.

Technologies: Next.js, GPT-3.5, TypeScript

LLM Red Team Ranger

Continuous multi-turn adversarial testing tool for LLMs. Simulates prompt injection, data leaks, and roleplay abuse with severity classification.

Technologies: Python, LLM APIs, Red Teaming

Speaking Across the Globe

Sharing research on API security, AI red teaming, and LLM vulnerabilities at industry conferences.

11+ conferences across 3 countries, 500+ attendees reached.

Hack.lu 2025 — Luxembourg (Workshop)
c0c0n 2025 — Kerala, India (Workshop)
HOU.SEC.CON 2025 — Houston, TX (Talk)
BSides Seattle — Seattle, USA (Workshop)
OWASP Boston — Boston, USA (Workshop)
AI Dev World 2025 — San Jose, USA (Talk)

View all conference talks

Skills and Expertise

Security research, tool development, and AI defense across the full stack.

AI and LLM Security: Agentic AI, AI Red Teaming, AI Security, Anthropic Claude, Gemini, LangChain, LLM Security, OpenAI API, Prompt Injection, RAG Security
Offensive Security and Pentesting: API Security, Burp Suite, Nmap, Nuclei, OWASP Top 10, Penetration Testing, Red Teaming, Shodan, SQLMap, Vulnerability Research, Threat Intelligence
Engineering and Infrastructure: AWS, AWS Lambda, CI/CD (Harness), Docker, Flask, Java, MongoDB, Next.js, Python, React, Spring Boot, Terraform, TypeScript
Response and Operations: Incident Response, Threat Intelligence, Attack Surface Management

Let's Connect

Interested in collaborating, booking a talk, or discussing AI security? I'm always open to connecting with fellow security professionals.

Get in Touch LinkedIn X / Twitter