About
WHO AM I?
Offensive Security Engineer with strong hands-on experience in penetration testing across multiple domains, including Web Applications, APIs, Android Applications, Linux environments, and Active Directory infrastructures. Experienced in testing a wide range of real-world applications, including fintech apps, social media apps, and business-critical enterprise solutions.
Certifications
- Certified Red Team Professional (CRTP) - Altered Security
- Web Application Penetration Tester eXtreme - eLearnSecurity
Key Strengths
Web Application Penetration Testing
- Proficient in web application and API penetration testing with hands-on experience in real-world applications (e.g., FinTech, social media), and covering OWASP Top 10 vulnerabilities.
- Strong expertise in both Client-Side and Server-Side vulnerabilities, including complex issues like business logic flaws and API security weaknesses.
- Deep understanding of various web technologies and frameworks to effectively identify and exploit configuration and code-level weaknesses.
Android Application Penetration Testing
- Proficient in Android application penetration testing, including static/dynamic analysis, reverse engineering, hooking, and identifying real-world vulnerabilities in line with OWASP MASVS.
- Specialized experience with applications built using modern frameworks like Flutter, React Native, and native Java.
- Advanced techniques for bypassing security controls, including Root Detection Bypass, RASP, and advanced SSL Pinning Bypass.
Network Penetration Testing
- Proficient in network penetration testing across Linux and Windows (including Active Directory), with hands-on experience in enumeration, exploitation, privilege escalation, and post-exploitation.
- Advanced skills in Active Directory (AD) infrastructure assessment, including common attack vectors like Kerberoasting, AS-REP Roasting, Pass-the-Hash, and exploiting AD service misconfigurations.
- Extensive experience with Linux environments and diverse network services, demonstrating the ability to identify and exploit vulnerabilities across various protocols and applications.
Let's Work Together
If you are looking for Penetration Testing as a Service (PTaaS) for your applications, APIs, mobile apps, or enterprise infrastructure, feel free to reach out.
Services Offered
- Web & API Penetration Testing - Identify vulnerabilities in modern web apps and APIs, following OWASP Top 10.
- Mobile Application Security Testing (Android/iOS) - Static & dynamic analysis, reverse engineering, Frida scripting.
- Network & Active Directory Penetration Testing - Enumeration, exploitation, privilege escalation, and post-exploitation.
Contact me at: Email
We can schedule a meeting to discuss your needs and tailor a security assessment for your business.