🔭 Experienced Information Security Consultant
🎓 Master's in Certified Ethical Hacking by CE-Council.
📶 29x CVE
🌱 Preparing for CRTP/OSCP.
👯 Collaborate on Open Source Projects.
🎮 CTF Player at Hack The Box and TryHackMe.
🔍 Cybersecurity Professional Exploring Red Teaming
💂 Passionate About Offensive Security.
🎭 Perform Vulnerability Assessments 🔍
🎭 Perform penetration tests on Web applications 🌐
🎭 Perform penetration test on API 📡
🎭 Network penetration test 🌐
🎭 Secure Source Code Review 🔐
🎭 Mobile Pentesting 📱
🎭 Thick Client Pentesting 💻
🎭 Desktop Application Pentesting 🖥️
🔍 Segmentation-Testing - Tools and scripts for network segmentation testing.
🕵️ Clickjacking-Poc - Proof of concept for clickjacking vulnerabilities.
💬 Interview-CyberSecurity - Interview questions and resources for cybersecurity professionals.
📜 CEH_v11 By EC Council
📜 CEH Practical By EC Council
📜 CEH Master By EC Council
📜 Multi-Cloud Red Teaming Analyst by CyberWarFare Labs
📜 mobile-application-penetration-testing By TCM Security
📜 practical-api-hacking By TCM Security
📜 windows-privilege-escalation By TCM Security
📜 Introduction to Cyber Security By Tryhackme
📜 Pre Security By Tryhackme
📜 Technical Support Fundamentals by Google At Coursera
📜 Introduction to Cybersecurity Tools & Cyber Attacks by IBM At Coursera
📜 Programming for Everybody by University of Michigan At Coursera
📜 APIsec Course Certificate By APIsec University
📜 Intro to Bug Bounty Hunting and Web Application Hacking by @NahamSec By Udemy
📜 BUG BOUNTY HUNTING WITH BURP SUITE by Kuldeep Sharma By Udemy
📜 Official (ISC)² Certified in Cybersecurity By ISC²
📜 Certified AppSec Practitioner By SecOps Group
| Category | Tools |
|---|---|
| Web App Pentesting | Burp Suite Pro 🌐, OWASP ZAP 🌐, Nmap 🌐, Nikto 🌐, Acunetix, HCL-AppScan 🌐, Wfuzz 🌐, SQLMap 🌐, Amass 🌐, NetSparker 🌐, Fortify-WebInspect 🌐 |
| Mobile App Pentesting | Android:: MobSF 📱, Frida 📱, APKTool 📱, JADX 📱, AndroidStudio/Genymotion 📱, Drozer 📱, Magisk Root 📱, APKX 📱, mitmproxy 📱, Objection 📱, adb 📱 iOS:: MobSF 📱, Frida 📱, Objection 📱, Cycript 📱, iOS Hook 📱, Needle 📱, Class-dump 📱, Burp Suite Mobile Assistant 📱, SSL Kill Switch 2 📱, iMazing 📱 |
| API Pentesting | Postman 📡, Insomnia 📡, Burp Suite Pro 📡, OWASP Amass 📡, 42Crunch API Security 📡, Swagger Inspector 📡, Kite Runner 📡, SecApps Intercept 📡 |
| Secure Code Review | SonarQube 🔐, Snyk 📡,Semgrep 🔐, Checkmarx 🔐, Veracode 🔐, Fortify-WorkbencAudit 🔐, CodeQL 🔐, Bandit 🔐, FindSecBugs 🔐, Gitleaks 🔐 |
| Thick Client Pentesting | Fiddler 💻, Burp Suite Pro 💻, dnSpy 💻, IDA Pro 💻, Ghidra 💻, Process Explorer 💻, CFF Explorer 💻, OllyDbg 💻, x64dbg 💻, Wireshark 💻 |
| Network Pentesting | Nmap 🌐, Wireshark 🌐, Metasploit Framework 🌐, Nessus 🌐, OpenVAS 🌐, Responder 🌐, CrackMapExec 🌐, BloodHound 🌐, Netcat 🌐, Bettercap 🌐 |
| Cloud Security | Prowler ☁️, ScoutSuite ☁️, CloudSploit ☁️, Pacu ☁️, Steampipe ☁️, CloudMapper ☁️, NCC Group Scout ☁️, kube-bench ☁️ |
| Container Security | Trivy 🐳, Aqua Microscanner 🐳, Clair 🐳, Anchore 🐳, Docker Bench 🐳, kube-hunter 🐳, Falco 🐳, Sysdig 🐳, Snyk 🐳 |
