MUHAMMAD WASEEM AKRAM
hackerwasi1@gmail.com | +923137119351
PROFILE
- Information security enthusiast with industry level certifications and a strong interest in penetration testing and offensive security.
- Strong background in security tools, emerging technologies, processes and best practices.
- An author of Instahack A Massive instagram Bruteforce Tool
- Reported Security Vulnerabilities in Microsoft, Facebook, Apple, Dell etc.
TECHNICAL EXPERTISE
Networking: Storage Networks, Network Security, Server Networks, IP Protocols, LAN/WAN Switching, Troubleshooting.
Security Assessment: SAST, DAST, VAPT, Open-Source Analysis, OWASP top 10, Mitre Att&ck Framework, SANS top 25.
Operating Systems: Ubuntu, CentOS, Kali Linux, MacOS, Windows Servers.
Cloud/DevOps technologies: Docker, CI /CD, Azure, Web Server, AWS Cloud, Python, Bash.
Security & Testing tools: Snyk, BloodHound, Veracode, Burp Suite, Tenable.io, Nmap, gobuster, ExtraHop, Metasploit, OWASP ZAP, Netsparker, Postman, Wireshark etc.
CERTIFICATIONS & TRAININGS
Google Cybersecurity Certificate - Google - May 2023
Foundations of Operationalizing MITRE ATT&CK - AttackIQ - April 2023
OSCP - offensive Security Certified Professional - April 2022
eCPPT - eLearn Security Certified Professional Penetration Tester - June 2022
ThrowBack Network - AD Pentesting Network - TryHackMe - May 2022
eJPT - eLearn Security Junior Penetration Tester - INE - Jan 2022
Introduction to Azure Penetration Testing - Altered Security - Jan 2022
[SC-900] Microsoft Certified: Security, Compliance, and Identity Fundamentals - Nov 2021
Security Engineering on AWS - Amazon Web Services - Oct 2021
Cyber Security Essentials - Cisco - Jun 2021
MacOS for IT Administrators - LinkedIn Learning - May 2020
EXPERIENCE
Network/Systems Administrator - CoventBridge Group, Remote - July 2022 - Present
Application Security Analyst - Gore Mutual Insurance, Remote - Aug 2021 - May 2022
- Conducting source code reviews using Veracode and Snyk, triaging and reporting vulnerabilities, guiding developers with vulnerability remediation.
- Performing automated and manual vulnerability assessments and penetration tests on web applications, networks and infrastructure.
- Conducting focused research on newly identified threats and vulnerabilities.
- Providing recommendations on system patching, hardening of web application and servers to mitigate potential risks.
Application Security Tester - Saluber MD LLC., Remote - Aug 2020 - July 2021
- Experience with managing an enterprise level SIEM platform.
- Strong understanding of variety of IT systems, applications and configurations.
- Prioritizing and classifying bugs according to severity.
- Familiarity with basic reverse engineering principles.
EDUCATION
Virtual University (Renala Campus) - 2023
Bachelor of Business & Information Technology (BBIT)
Aspire Group of colleges (Okara Campus) - 2020 - 2022
Intermediate of Computer Science
- Major in Computer Science; Minors in Software Development
- Relevant Coursework: Software Development; Operating Systems; Algorithms
FEATURED
Reported bug in Pakistan Government Website
Bugcrowd - Hall of Fame - Reported bugs in Companies like Microsoft, Facebook, Apple etc.
PROJECTS
Instahack - A Massive instagram Bruteforce Tool (GPL-3.0 License)
Instahack is a python and bash script to perform brute force attack against Instagram , this script can bypass login limiting on wrong passwords , so basically it can test infinite number of passwords.