Devang Solanki

Devang Solanki is a Security Researcher at RedHunt Labs and an offensive security engineer focused on cloud security, attack surface management, and large-scale security automation. His work centers around identifying real-world attack paths across modern cloud environments, with a particular emphasis on exposed assets and internet-scale vulnerability discovery.

He is the creator of IAMX, a multi-cloud IAM permission enumeration framework designed to uncover effective permissions across AWS, GCP, and Azure through large-scale API testing. Devang has also built several open-source security tools focused on Docker security, Firebase misconfigurations, cloud exposure monitoring, and SSRF detection.

His research and tooling have been presented at major security conferences, including Black Hat USA 2025, Black Hat Asia 2025, Black Hat Europe 2024, and Black Hat MEA 2024. He has also responsibly disclosed vulnerabilities to organizations including Salesforce, Cisco, Electronic Arts, and Disney.

Devang actively contributes to the offensive security and bug bounty community through open-source tooling, cloud security research, and practical automation designed to help security teams better understand their real-world exposure.