hackerwasi1@gmail.com | +923137119351

PROFILE


  • Information security enthusiast with industry level certifications and a strong interest in penetration testing and offensive security.
  • Strong background in security tools, emerging technologies, processes and best practices.
  • An author of Instahack A Massive instagram Bruteforce Tool
  • Reported Security Vulnerabilities in Microsoft, Facebook, Apple, Dell etc.

TECHNICAL EXPERTISE


Networking: Storage Networks, Network Security, Server Networks, IP Protocols, LAN/WAN Switching, Troubleshooting.

Security Assessment: SAST, DAST, VAPT, Open-Source Analysis, OWASP top 10, Mitre Att&ck Framework, SANS top 25.

Operating Systems: Ubuntu, CentOS, Kali Linux, MacOS, Windows Servers.

Cloud/DevOps technologies: Docker, CI /CD, Azure, Web Server, AWS Cloud, Python, Bash.

Security & Testing tools: Snyk, BloodHound, Veracode, Burp Suite, Tenable.io, Nmap, gobuster, ExtraHop, Metasploit, OWASP ZAP, Netsparker, Postman, Wireshark etc.

CERTIFICATIONS & TRAININGS


Google IT Support Specialization - Google - October 2023

Google Cybersecurity Specialization - Google - May 2023

Foundations of Operationalizing MITRE ATT&CK - AttackIQ - April 2023

OSCP - offensive Security Certified Professional - April 2022

eCPPT - eLearn Security Certified Professional Penetration Tester - June 2022

ThrowBack Network - AD Pentesting Network - TryHackMe - May 2022

eJPT - eLearn Security Junior Penetration Tester - INE - Jan 2022

Introduction to Azure Penetration Testing - Altered Security - Jan 2022

[SC-900] Microsoft Certified: Security, Compliance, and Identity Fundamentals - Nov 2021

Security Engineering on AWS - Amazon Web Services - Oct 2021

Cyber Security Essentials - Cisco - Jun 2021

MacOS for IT Administrators - LinkedIn Learning - May 2020

EXPERIENCE


Network/Systems Administrator - CoventBridge Group, Remote - July 2022 - Present

Application Security Analyst - Gore Mutual Insurance, Remote - Aug 2021 - May 2022

  • Conducting source code reviews using Veracode and Snyk, triaging and reporting vulnerabilities, guiding developers with vulnerability remediation.
  • Performing automated and manual vulnerability assessments and penetration tests on web applications, networks and infrastructure.
  • Conducting focused research on newly identified threats and vulnerabilities.
  • Providing recommendations on system patching, hardening of web application and servers to mitigate potential risks.

Application Security Tester - Saluber MD LLC., Remote - Aug 2020 - July 2021

  • Experience with managing an enterprise level SIEM platform.
  • Strong understanding of variety of IT systems, applications and configurations.
  • Prioritizing and classifying bugs according to severity.
  • Familiarity with basic reverse engineering principles.

EDUCATION


Virtual University (Renala Campus) - 2023

Bachelor of Business & Information Technology (BBIT)

Aspire Group of colleges (Okara Campus) - 2020 - 2022

Intermediate of Computer Science

  • Major in Computer Science; Minors in Software Development
  • Relevant Coursework: Software Development; Operating Systems; Algorithms

Reported bug in Pakistan Government Website

Bugcrowd - Hall of Fame - Reported bugs in Companies like Microsoft, Facebook, Apple etc.

PROJECTS


Instahack - A Massive instagram Bruteforce Tool (GPL-3.0 License)

Instahack is a python and bash script to perform brute force attack against Instagram , this script can bypass login limiting on wrong passwords , so basically it can test infinite number of passwords.

www.github.com/evildevill/instahack