Penetrating Networks

0 %
avatar
Navid Fazle Rabbi
Sr. Security Researcher
Offensive Security Research
bKash Ltd.
Research Interest
  • 🔒 Web & Mobile AppSec
  • 💥 Side-Channel Analysis
  • 🤖 AI Attacks & AI Security
  • 🔗 Blockchain & Web3 Security
  • 🌐 Browser Security
  • 💻 Source Code Analysis
  • 🔐 Real-world Cryptograpy
  • 💣 Exploit Development
  • 🔄 Reverse Engineering
  • 🌐 IoT Security
Resume Research Portfolio

Hello. 🎉 Welcome to My Portfolio!

My journey in the cybersecurity landscape is guided by an insatiable curiosity, and my interests span a wide spectrum:

RESEARCH DETAILS

At the moment, I’m deeply immersed in the world of Progressive Web Application Security, crafting Software-level Web Application Firewalls, and mastering Network Reconnaissance. If you share a passion for knowledge sharing, don’t hesitate to connect with me!

🎓 I hold a B.Sc. in Electrical and Electronic Engineering from the Islamic University of Technology (IUT), graduating in 2019.

academy.

Academy

Currently, I am working with some enthusiastic and wonderful undergraduate students:

  • Mohammad Saidur Rahman Sagor (IUT)
  • Maroof Ahmed (IUT)

Let’s connect, collaborate, and secure the digital frontier together! 🚀🔒💻

#Cybersecurity #InfoSec

The Pensieve Chronicles: Insights from My Journey

This section is where I share updates and insights from my journey as an engineer and cybersecurity professional. Here, you’ll find the latest news about my work, achievements, and upcoming projects. Stay tuned for more exciting updates!

  • Leading bKash Web Application, Mobile Application, API Security Testing Team.
  • Building RedHawks & CyQ
  • Solving HTB Boxes for learning
  • Studying Personality Development Books
  • Working on researches on Mobile Application Security, Web Application Testing
  • Writing a series on Cybersecurity Awareness on Linkedin.

Latest Update November 24, 2023

Education

Bachelor of Science in Engineering (EEE)
Islamic University of Technology (IUT)
2016-2019 
Admission Rank: 70 | Recipient of OIC Scholarship

Noteworthy Course-works

Communication Engineering, Microprocessor & Assembly Language, Wireless Communication, Micro-controller Based System Design, Data Communication & Networking, Embedded Systems, Advanced Communication Techniques.

Work Experience

Senior Engineer, Offensive Security Research
bKash Ltd.
April '21 - Present

Seminars & Talks

On March 15, 2023, I spoke at Islamic University of Technology (IUT) about starting a Career in Cyber Security, Enterprise Cybersecurity & Role of CTF. If you want to know what I shared in my talk, Click on the button below.

Enterprise Cybersecurity & Role of CTF

R&Ds

All Categories Tools Exploit
JWT-Hawk
JWT-Hawk
If it's cheap and good.
Read more
IceWatch
IceWatch
Read more
Base64 Brute-Force
Base64 Brute-Force
Good design has little to do with trends.
Read more

Recommendations

Shuvro Jyoti Halder
Shuvro Jyoti Halder
Senior Engineer, Offensive Security Research | bKash Ltd.

We collaborated on several projects, and I was fortunate to call him my teammate. He regularly contributed his full effort to the team and played a vital role in ensuring that projects were finished on time. He had an uncanny ability to keep everyone calm and productive during tough crunch situations.

Wahid Khan
Wahid Khan
Senior Financial Advisor & Managing Director | Blue River Financials

Navid was our team's consultant. His work consistently exceeded our expectations. He has a penchant for offering clear information that assists us in making key business decisions. He did so in a manner that was simple to comprehend and absorb. He understood our company's and our consumers' priorities. Moreover, he is constantly transparent about his efforts and never fails to respond to our inquiries.

Muzahedul Haque
Muzahedul Haque
Cloud Engineer at Nordcloud, an IBM Company

Jamil Ahmed Saad
Jamil Ahmed Saad
General Manager, Technology Audit & Compliance | bKash Ltd.

Newsletter

Workplace Woes: Mental Health Magic vs. Leadership Lacking a Script
March 5, 2024 / Personal Development
Workplace Woes: Mental Health Magic vs. Leadership Lacking a Script

It is hard to say enough about how important mental health is in today’s fast-paced and competitive workplace. Beyond the…

Read more
Secure Headers: Content-Security-Policy (CSP)
May 6, 2023 / Security Configuration, Technology
Secure Headers: Content-Security-Policy (CSP)

Content Security Policy (CSP) is a security mechanism that helps prevent cross-site scripting (XSS), clickjacking, and other code injection attacks…

Read more
Automated API Documentation: A Step-by-Step Guide
February 13, 2023 / API
Automated API Documentation: A Step-by-Step Guide

I’m about halfway through APIsec University’s API Penetration Testing course, and I’m already learning a lot about testing APIs for…

Read more
Diving into the Android Package File (APK): A Primer for Android Pentesting
January 8, 2023 / Android
Diving into the Android Package File (APK): A Primer for Android Pentesting

This is the first installment of my new Android Pentesting Series. I’ve lately been experimenting with various penetration testing approaches…

Read more
TryHackMe | Corridor
October 11, 2022 / CTF
TryHackMe | Corridor

In this blog, I will try to show and explain the TryHackMe room Corridor. This room explores potential IDOR vulnerabilities…

Read more
TryHackMe | Reversing ELF
October 1, 2022 / CTF
TryHackMe | Reversing ELF

In this blog, I will try to show and explain the TryHackMe room Reversing Elf. This room features eight increasingly…

Read more

Get in Touch