Professional Expertise
๐
Web Application Testing
- OWASP Top 10 vulnerabilities (CSRF, XSS, SQLi, IDOR)
- API Security assessment (REST/GraphQL)
- Authentication & Session Management bypass
- Business Logic Flaws identification
- Payment Module Security testing
๐ฑ
Mobile Security Assessment
- Android & iOS Application Testing
- Static & Dynamic Analysis
- API Backend Security assessment
- Data Storage & Encryption verification
- Certificate Pinning & SSL Bypass
๐ข
Internal Penetration Testing
- Active Directory Attack Paths exploitation
- Kerberoasting & AS-REP Roasting
- Lateral Movement & privilege escalation
- Post-Exploitation & persistence
- Domain controller & forest enumeration
๐ก
๏ธ External Penetration Testing
- Perimeter Security Assessment
- OSINT & Reconnaissance methodology
- Infrastructure Vulnerability Assessment
- Exposed Services & data discovery
- Social Engineering assessment
โ
๏ธ Cloud Security
- Azure AD & Entra ID Security Review
- Storage & Key Vault Assessment
- Managed Identity Abuse prevention
- Misconfiguration Detection
- AZ-104 Certified & expertise
โ
๏ธ Configuration Audit
- System Hardening & policy review
- CIS Benchmark Compliance assessment
- Security Best Practices implementation
- Policy & Procedure Documentation
Certifications & Credentials
OSCP
Offensive Security Certified Professional
Certified
OSWP
Offensive Security Wireless Professional
Certified
AZ-104
Microsoft Azure Administrator
Certified
CEH
Certified Ethical Hacker
Certified
CHFI
Computer Hacking Forensic Investigator
Certified
OSWE
Offensive Security Web Expert
In Progress
Let's Connect
Have a project in mind or want to discuss cybersecurity? Let's talk!