About
As a passionate security consultant, I am dedicated to making the digital world safer by focusing on identifying vulnerabilities and implementing robust security measures. With a strong commitment to enhancing cybersecurity, I work diligently to protect systems, networks, and data from potential threats.
Skills & Expertise (17)
Work Experience
Security Consultant
Innefu Labs
Mar 2025 - Present
Performed manual and automated VAPT on web applications and APIs, finding high‑impact issues such as XSS, LFI, SSRF, CSRF, broken access control, OTP bombing, CAPTCHA bypass, IDOR and sensitive data exposure. Showed real business impact by chaining vulnerabilities into attack paths leading to account takeover, unauthorized data access, and realistic data‑breach scenarios. Prepared clear, client-ready reports with technical details, proof-of-concept steps, risk ratings and prioritized fixes aligned with OWASP guidelines. Worked with SOC/blue team members to check detection and alerting for attacks like XSS, SSRF and brute force, helping improve monitoring rules. Built and maintained a Docker based security lab and configured pfSense firewall for network segmentation, VPN and traffic control to support isolated environments for offensive security testing. Tested web APIs using Burp Suite, Postman and custom scripts to find auth bypass, IDOR, rate‑limit issues and sensitive data leaks, and performed internal and external network penetration tests using Nmap and vulnerability scanners to identify weak services, outdated software and misconfigurations.
Education
Master of Computer Application - Guru Govind Singh Indraprastha University
2017 - 2020 · Afghanistan
Bachelor of Computer Applications - Sikkim Manipal University
2012 - 2015 · Afghanistan
Certifications
Offensive Security Certified Professional (OSCP)
· 2024
Interested in this developer?
Profile Score Breakdown
Profile Overview
Availability Details
Visa Status
Need Sponsorship
Relocation
Depends on Offer