I'm a Penetration Tester with a passion for offensive security, ethical hacking, and helping organizations identify and fix their vulnerabilities before attackers can exploit them. I specialize in Web, API, Mobile, and Network Penetration Testing, and I enjoy turning weaknesses into actionable improvements.
🔍 Tools & technologies I work with regularly include: Burp Suite, Nmap, Wireshark, Metasploit, OWASP ZAP, SQLmap, ffuf, Subfinder, Amass, APKTool, MobSF, ADB, and JWT Debugger.
💡 Areas of expertise:
- Web Application Pentesting (OWASP Top 10)
- Mobile App Security (Android)
- API Pentesting (REST & GraphQL)
- Reconnaissance and Subdomain Enumeration
- Vulnerability Scanning & Manual Exploitation
- Reporting with PoCs and remediation guidance
🚀 Sample Projects & Experience:
- Built automated recon workflows using Bash, Python, and tools like
httpx,nuclei, andgf - Discovered critical IDOR and authentication flaws in live systems
- Performed mobile app assessments using static/dynamic analysis (MobSF, Frida, APKTool)
- Participated in bug bounty programs on platforms like HackerOne & Bugcrowd
💬 Ask me about: Offensive Security, Bug Bounty, Red Teaming, Exploit Development, or Reporting Best Practices