About
Passionate cybersecurity professional with a strong foundation in offensive security (VAPT) and defensive operations. Skilled in identifying vulnerabilities across web, mobile, network, and API infrastructures, while leveraging automation (Python, n8n) to enhance security workflows. Actively expanding expertise in AI security, SIEM operations, and defensive strategies. Open to Security Analyst, Penetration Tester, SOC Analyst, or related cybersecurity roles (Internship/Full-time) to contribute to vulnerability management and incident response within a dynamic enterprise.
Skills & Expertise (39)
Work Experience
Cyber Security Intern
Pedestal Techno World Pvt Ltd
Feb 2026 - Present
Conducted in-depth research on emerging cybersecurity concepts and advanced threat vectors to proactively identify evolving attack methodologies. Explored and tested AI hacking techniques, focusing on identifying and exploiting vulnerabilities within machine learning models. Designed and implemented automation workflows to streamline repetitive work. Synthesized complex findings into technical reports, detailing innovative exploits and recommending targeted defensive countermeasures.
Cyber Security Intern
Elevate Labs
Dec 2025 - Jan 2026
Developed 'Sentinel' CTI Dashboard: Built a real-time threat intelligence tool using Python and Streamlit to automate IP risk scoring via the AbuseIPDB API, featuring 3D global threat visualization. Conducted local network scans using Nmap, identifying critical open ports (e.g., Port 1524) and unpatched services to recommend hardening strategies. Utilized Wireshark to inspect packet captures, successfully distinguishing between clear-text (HTTP) and encrypted (TLS) traffic to detect data leakage risks. Configured Windows Firewall rules to block insecure protocols (Telnet) and audited browser extensions to enforce the Principle of Least Privilege. Analyzed suspicious email headers (SPF/DKIM failures) and typosquatting domains to identify and document social engineering attacks.
Cyber Security Intern
Shadow Fox
Dec 2025 - Jan 2026
Utilized Nmap and Dirb for service enumeration and directory brute-forcing, uncovering hidden administrative panels (/admin) and source code repositories (/CVS). Intercepted and analyzed packet data via Wireshark, validating 'Broken Access Control' and 'Sensitive Data Exposure' vulnerabilities by extracting plaintext credentials. Decrypted Veracrypt volumes using hash analysis and inspected PE headers with PE Explorer to identify software entry points (004237B0). Delivered a finalized Penetration Testing Report, detailing exploitation steps, CVSS severity ratings, and remediation protocols to stakeholders.
Freelance Penetration Tester / Bug Bounty Hunter
Freelance / Self Employed
Aug 2024 - Present
Proactively conducting security research and manual exploitation on hardened targets to identify critical OWASP Top 10 vulnerabilities (XSS, SQLi, IDOR). Analyzing complex business logic errors and privilege escalation vectors in web applications that automated scanners often miss. Participated in bug bounty programs on platforms like Bugcrowd and on VDPs (vulnerability disclosure programs). Hands-on experience in VAPT, specialized in testing web applications across 10+ industries.
Education
Bachelor of Computer Applications – Cyber Security - JECRC University
- 2026 · Afghanistan
Senior Secondary - Maheshwari Public School
- 2023 · Afghanistan
Secondary - Maheshwari Public School
- 2021 · Afghanistan
Certifications
Certified Ethical Hacker (CEH) v12
EC-Council · 2025
Certified Security Specialist (ECSS) v10
EC-Council · 2024
Certified Network Defender (CND) v3
EC-Council · 2024
