About Me
Offensive Security Professional with 8+ years of experience in penetration testing, specializing in web applications, mobile security, cloud infrastructure (Azure), and Active Directory environments. Currently serving as TechLead Cybersecurity at a major financial institution.
Services
🌐 Web Application Testing
Comprehensive security assessments following OWASP methodology, including:
- Authentication & Session Management
- Business Logic Flaws
- API Security (REST/GraphQL)
- Payment Module Security
- CSRF, XSS, SQLi, IDOR vulnerabilities
📱 Mobile Security Assessment
- Android & iOS Application Testing
- Static & Dynamic Analysis
- API Backend Security
- Data Storage Security
- Certificate Pinning Bypass
🏢 Internal Penetration Testing
- Active Directory Attack Paths
- Kerberoasting, AS-REP Roasting
- Lateral Movement Techniques
- Privilege Escalation
- Post-Exploitation
🛡️ External Penetration Testing
- Perimeter Security Assessment
- OSINT & Reconnaissance
- Infrastructure Vulnerability Assessment
- Exposed Services Analysis
☁️ Cloud Security (Azure)
- Azure AD Security Review
- Storage & Key Vault Assessment
- Managed Identity Abuse
- Misconfiguration Detection
- AZ-104 Certified
⚙️ Configuration Audit
- System Hardening Review
- CIS Benchmark Compliance
- Security Best Practices
- Policy & Procedure Review
Certifications
| Certification | Status |
|---|---|
| OSCP | ✅ Certified |
| OSWP | ✅ Certified |
| AZ-104 | ✅ Certified |
| CEH | ✅ Certified |
| CHFI | ✅ Certified |
| OSWE | 🔄 In Progress |
Contact
For professional inquiries, security assessments, or collaboration opportunities:
📧 Email: contact@nadhmi-sec.com
🔗 LinkedIn: /in/nadhmi
💻 GitHub: github.com/nadhmi
"Security is not a product, but a process." — Bruce Schneier