About
Offensive Security professional with 1.5+ years of hands-on adversary simulation, penetration testing, and red team operations experience across Windows and network environments. Skilled in the full attack lifecycle — reconnaissance, exploitation, privilege escalation, lateral movement, and persistence — aligned with MITRE ATT&CK; TTPs. Proficient in Kali Linux, Metasploit, Nmap (advanced), Burp Suite, Netcat, and Hydra. Practiced Active Directory enumeration, credential attacks, and C2 framework concepts in enterprise lab environments. Currently pursuing CEH v13 with a focused path toward OSCP-level offensive tradecraft. Strong defensive background in SIEM detection logic and alert threshold analysis provides unique red team depth.
Skills & Expertise (49)
Work Experience
Offensive Security Analyst – Red Team Operations
Hacker Academy
Nov 2023 - Apr 2025
Simulated full red team attack lifecycles — initial access, execution, privilege escalation, lateral movement, and persistence — across Windows enterprise lab environments, aligned with MITRE ATT&CK; phases. Executed brute-force and password-spraying attack simulations targeting authentication systems; identified and documented credential weaknesses across 10+ simulated enterprise hosts. Conducted advanced network reconnaissance and service enumeration using Nmap to identify open ports, misconfigurations, and exploitable attack surfaces across multi-host lab networks. Mapped 20+ adversary TTPs to MITRE ATT&CK; to emulate realistic threat actor behavior across multiple kill chain phases. Probed SIEM detection logic by triggering malicious process execution, identifying alert blind spots and defense evasion opportunities; delivered actionable hardening recommendations. Performed Active Directory enumeration and attack path analysis to identify misconfigured permissions and lateral movement vectors in simulated enterprise environments. Participated in 8+ CTF challenges covering exploitation, privilege escalation, and lateral movement, sharpening real-world offensive tradecraft. Produced professional penetration test reports with CVSS risk ratings, proof-of-concept documentation, MITRE ATT&CK; TTP mapping, and remediation guidance aligned to industry standards.
Freelance Penetration Tester
Self-Employed
Jun 2025 - Nov 2025
Conducted vulnerability assessments and penetration testing engagements across 3+ web and network environments; identified and documented 20+ vulnerabilities including misconfigurations, exposed services, and weak authentication controls. Performed port scanning, service enumeration, and attack surface analysis to identify exploitable entry points; validated findings through controlled exploitation in isolated lab environments. Recommended and implemented secure configurations — least privilege enforcement, MFA enablement, and firewall rule hardening — reducing estimated client attack surface by ~40%. Delivered structured penetration test reports with CVSS severity ratings, proof-of-concept evidence, and business-risk summaries for both technical and non-technical stakeholders.
Education
Post Graduation in Cyber Security (PG-CS) - Hacker Academy
2023 - 2025 · Afghanistan
Bachelor of Computer Application (BCA) - Bangalore City University
2020 - 2023 · Afghanistan
Interested in this developer?
Profile Score Breakdown
Profile Overview
Availability Details
Visa Status
Citizen
Relocation
Depends on Offer
