Full-Stack Developer · Security Researcher

I build production systems and security focused tooling.

My work sits between engineering delivery and practical security research. Backend systems, reconnaissance automation, and application security.

View Projects GitHub LinkedIn
Core Focus
Engineer with security depth
Available
5+
Major Builds
Banking, security, IoT, automation
2022
Award Year
Digital Bangladesh recognition
6+
Years XP
Dev + security research
Backend Engineering
APIs, authentication, monitoring flows, and production-oriented system design.
Security Research
Attack-surface mapping, vulnerability analysis, and automation for testing workflows.
Real Delivery
Banking systems, security tools, and award-winning engineering work with measurable outcomes.
Proof
The strongest signals
Real work, real results.
Banking Platform
Built a real-time alarm management system for Southeast Bank Bangladesh. 24/7 monitoring, reduced manual workload by 70%.
National Award
Smart Helmet received the Digital Bangladesh Award 2022, recognized by the Prime Minister for engineering innovation.
Security Tooling
Developed VulnXposer scanner and recon automation pipelines for vulnerability discovery and triage workflows.
Featured Projects
Selected work
Lead Developer · Banking
South-East Bank Alarm Management System
Architected and delivered a 24/7 monitoring platform for alarm workflows, operational visibility, and backend processing.
  • Took the project from requirements to deployment
  • Reduced manual monitoring overhead by 70%
  • Backend APIs, workflow logic, operations support
PHPKotlinMySQLBanking
Security Product · SaaS Scanner
VulnXposer
Built a web-based vulnerability assessment platform around structured scanning, reporting, and review workflows.
  • Integrated automated web and network checks
  • OWASP ZAP, DNS analysis, port scanning
  • Designed for repeatable assessment flows
ReactNode.jsOWASP ZAPNmap
Open repository
AI-Powered IoT Safety System
Smart Helmet
Accident detection and vehicle recognition using Python, OpenCV, and embedded hardware. Recognized nationally.
  • Digital Bangladesh Award 2022
  • GPS/GSM accident alert integration
  • OpenCV vehicle recognition logic
PythonOpenCVIoTGPS/GSM
About
Engineering first. Security aware by default.
I started in software engineering and moved deeper into cybersecurity research. That mix gives me both delivery depth and attacker-minded analysis when reviewing systems.
My strongest fit is engineering-heavy work with security depth: backend systems, secure product development, application security, and technical research.
Education & Training
  • B.Sc. CSE, University of Rajshahi
  • Blue Team Junior Analyst (BJT)
  • SOC Analyst Training, BYEAH BD
  • PortSwigger & TryHackMe labs
  • OSCP coursework (PWK)
Awards
  • Digital Bangladesh Award 2022, Smart Helmet
  • Robotech Olympiad 2023, Embedded Systems
Career Timeline
2023 – Present
Cybersecurity Researcher
ByteTech, Bangladesh
  • Reconnaissance and attack-surface mapping
  • Built automation scripts for asset discovery
  • Manual testing for web applications and APIs
  • Malware analysis and reverse engineering
2020 – 2023
Full-Stack Developer
ByteTech, Bangladesh
  • Production web apps, backend APIs, auth workflows
  • Monitoring dashboards and operational tools
  • ElectronJS desktop application development
  • Built Southeast Bank Alarm Management System
2019 – 2020
Freelance Developer
Fiverr / Upwork
  • Java 2D games and web development
  • 500+ USD earned across platforms
Skill Stack
Built for delivery
Backend
Node.jsPHPLaravelREST APIsMySQLMongoDB
Frontend
ReactTypeScriptJavaScriptHTML/CSSKotlin
Security
OWASP Top 10API SecurityReconVuln AnalysisMalware AnalysisReverse Eng.
Tools
Burp SuiteNmapNucleiSubfinderLinuxDockerGit
Projects
Engineering and security work
Engineering
South-East Bank Alarm Management System
Lead Developer · 2023
End-to-end development of a banking alarm platform covering backend logic, workflow handling, and 24/7 operational monitoring.
PHPKotlinMySQLMonitoringBanking
Engineering
Smart Helmet
Software & Control Logic · 2021–2022
AI-assisted IoT project for rider safety with accident detection, OpenCV vehicle recognition, GPS/GSM integration. Digital Bangladesh Award 2022.
PythonOpenCVIoTGPS/GSM
Security
VulnXposer
SaaS Vulnerability Scanner · 2024
Security assessment platform for structured testing, scanning orchestration, and reporting. Integrates OWASP ZAP, Nmap, subdomain enumeration.
ReactNode.jsOWASP ZAPNmap
Open project
Security
Recon Automation Toolkit
Recon Workflow Automation · 2025
Automation pipeline for target discovery, archive URL collection, endpoint enumeration, parameter clustering, and Nuclei vulnerability triage.
BashPythonSubfinderNucleiKatana
Open project
Security
Bug Bounty Methodology
Research Notes & Workflow Library
Curated notes on reconnaissance, API testing, prioritization, and repeatable testing strategy for bug bounty hunting.
MethodologyAPI TestingRecon
Open project
Security
HackerOne Automation
Bug Bounty Workflow Automation
Python automation scripts for HackerOne bug bounty workflows, streamlining target scope management and reporting.
PythonHackerOneAutomation
Open project
Writeups
Research notes and articles
Quality over volume. Each writeup reflects real research depth.
Web Security
Exploring Vulnerabilities in Modern Web Applications
Overview of common web weaknesses and practical security considerations for developers and researchers.
Read article
Windows Internals
Kernel Mode DLL Injection Techniques
Research note on low-level injection concepts, operating system internals, and kernel-space execution.
Read article
Threat Research
Advanced Persistent Threats and Kernel-Level Exploits
Summary of attacker tradecraft, APT methodology, and kernel-level exploitation techniques.
Read article
Windows Internals
Bypassing Windows Kernel PatchGuard for Exploit Development
Deep dive into PatchGuard bypass techniques and their implications for exploit development workflows.
Read article
Red Team
Red Team Strategies and Methodologies
Outlined effective approaches in offensive security, covering planning, execution, and reporting frameworks.
Read article
Malware Research
Advanced Malware Injection Techniques and Countermeasures
Analysis of sophisticated malware injection patterns and the defensive mechanisms used to detect and counter them.
Read article
Contact
Open to opportunities
Available for freelance engineering, security collaboration, and full-time remote roles.
What I'm open to
Full-stack engineering roles (remote)
Application security and product security roles
WordPress malware removal & security hardening
Freelance backend API development (PHP / Node.js)
Technical review of systems and security tooling
Direct channels
⚡ Quick Response
Available for remote work. Best contact via email or LinkedIn. Usually respond within 24 hours.