Hirday Shevkani
Software Engineer / Cybersecurity Analyst
About
Adaptable Computer Applications student combining a strong foundation in Data Structures and Algorithms (C/C++) with practical experience in offensive security (VAPT) and defensive operations. Skilled in identifying vulnerabilities across web, mobile, network, and API infrastructures, while leveraging automation (Python, n8n) to enhance security workflows. Demonstrated logical problem-solving skills through 40+ LeetCode challenges and manual bug bounty hunting. Flexible and quick to learn emerging technologies, actively expanding expertise in AI security, AI Governance, SOC operations, and defensive strategies. Highly capable of designing system architectures, data flows, and automation tools to contribute to vulnerability management and incident response within a dynamic enterprise.
Skills & Expertise (31)
Work Experience
Cyber Security Intern
Pedestal Techno World Pvt Ltd
Feb 2026 - Present
Explored and tested AI hacking techniques, focusing on identifying and exploiting vulnerabilities within machine learning models, while researching AI Governance frameworks to proactively secure evolving threat vectors. Conducted in-depth research on emerging cybersecurity concepts and advanced threat vectors to proactively identify evolving attack methodologies. Designed and implemented automation workflows to streamline repetitive work. Synthesized complex findings into technical reports, detailing innovative exploits and recommending targeted defensive countermeasures.
Cyber Security Intern
Elevate Labs
Dec 2025 - Jan 2026
Conducted local network scans using Nmap, identifying critical open ports (e.g., Port 1524) and unpatched services to recommend hardening strategies. Utilized Wireshark to inspect packet captures, successfully distinguishing between clear-text (HTTP) and encrypted (TLS) traffic to detect data leakage risks. Configured Windows Firewall rules to block insecure protocols (Telnet) and audited browser extensions to enforce the Principle of Least Privilege. Analyzed suspicious email headers (SPF/DKIM failures) and typosquatting domains to identify and document social engineering attacks.
Cyber Security Intern
Shadow Fox
Dec 2025 - Jan 2026
Utilized Nmap and Dirb for service enumeration and directory brute-forcing, uncovering hidden administrative panels (/admin) and source code repositories (/CVS). Intercepted and analyzed packet data via Wireshark, validating 'Broken Access Control' and 'Sensitive Data Exposure' vulnerabilities by extracting plaintext credentials. Decrypted Veracrypt volumes using hash analysis and inspected PE headers with PE Explorer to identify software entry points (004237B0). Delivered a finalized Penetration Testing Report, detailing exploitation steps, CVSS severity ratings, and remediation protocols to stakeholders.
Freelance Penetration Tester / Bug Bounty Hunter
Freelance / Self Employed
Aug 2024 - Present
Proactively conducting security research and manual exploitation on hardened targets to identify critical OWASP Top 10 vulnerabilities (XSS, SQLi, IDOR). Participated in bug bounty programs on platforms like Bugcrowd and on VDPs (vulnerability disclosure programs). Analyzing complex business logic errors and privilege escalation vectors in web applications that automated scanners often miss. Hands-on experience in VAPT, specialized in testing web applications across 10+ industries.
Education
Bachelor of Computer Applications – Cyber Security - JECRC University
- 2026 · Afghanistan
Senior Secondary - Maheshwari Public School
- 2023 · Afghanistan
Secondary - Maheshwari Public School
- 2021 · Afghanistan
Certifications
Certified Ethical Hacker (CEH) v12
EC-Council · 2025
Certified Security Specialist (ECSS) v10
EC-Council · 2024
Certified Network Defender (CND) v3
EC-Council · 2024
Interested in this developer?
Profile Score Breakdown
Profile Overview
Availability Details
Visa Status
Citizen
Relocation
Open to Relocation
Skills (31)
Click a skill to find developers with the same skill
