I am a versatile professional with a unique blend of 5+ years of experience in software development and a passion for offensive cybersecurity. My work is defined by my dedication to building solutions that are not only high-performing but also secure by design. Architecting secure digital ecosystems, identifying vulnerabilities before they're exploited, and neutralizing threats with precision.
Developing robust, secure software and systems from the ground up, embedding security principles throughout the lifecycle.
Implementing comprehensive defense strategies, monitoring for threats, and responding decisively to incidents.
Simulating real-world attacks to uncover weaknesses and eliminate attack vectors before malicious actors can leverage them.
Architected and developed a complex, full-stack alarm management system for a major financial institution. I successfully completed this project after it was deemed too challenging for the bank's internal team, showcasing my ability to deliver enterprise-grade solutions under pressure.
As my final-year BSc project, I developed VulnExposer, a comprehensive web application designed to help website owners and security researchers identify security flaws. The application's goal is to proactively address the growing concern of cyber threats by detecting and reporting security flaws before they can be exploited by malicious actors.
The Challenge: In the contemporary digital age, websites serve as a backbone for various services, but this reliance also comes with significant risks like data breaches and malware injections. Vulnerability scanning is a crucial practice for identifying security weaknesses, enabling owners to proactively address these issues.
My Solution: I architected and built VulnExposer to be a powerful, automated solution to this problem. It is designed to evaluate websites against the OWASP Top 10 vulnerabilities, ensuring comprehensive coverage of the most critical security risks. The application employs a combination of scanning techniques, including port scanning, DNS analysis, and CVE detection, to provide a detailed assessment of a website's security posture.
VulnXposer provides real-time updates during the scanning process via Socket.io, which enhances the user experience and allows for immediate action if a critical vulnerability is found. It also generates detailed reports that outline vulnerabilities, their potential impact, and recommended remediation steps.
Core Technologies:
The Impact: The VulnExposer project is a testament to my ability to not only use industry tools but to build them from the ground up. It empowers developers and organizations to proactively address vulnerabilities, ultimately contributing to a safer online environment.
An award-winning invention recognized with the Digital Bangladesh Award 2022. This project was a successful collaboration between hardware and software, where I architected the software system to solve a critical safety problem.
My expertise in offensive security is grounded in hands-on, dedicated research. I am actively engaged in CVE analysis and Proof-of-Concept (PoC) development for new vulnerabilities. I have a strong foundation in reverse engineering, malware analysis, and buffer overflow exploitation, which gives me a unique perspective on how to find and fix the most critical security flaws. I am also actively applying my skills through bug bounty programs, where I have submitted several reports to real-world applications. This practical experience, combined with my continuous learning in web exploitation, drives my ability to identify and neutralize threats.
Ready to build a secure and high-performing application? Let's discuss your security challenges or project requirements.