Hello. 🎉 Welcome to My Portfolio!
Hi there! I’m a passionate security researcher with a focus on offensive techniques in the realms of web and mobile applications. Currently, I proudly serve as a Senior Security Researcher at the bKash Offensive Security Research Team.
My journey in the cybersecurity landscape is guided by an insatiable curiosity, and my interests span a wide spectrum:
At the moment, I’m deeply immersed in the world of Progressive Web Application Security, crafting Software-level Web Application Firewalls, and mastering Network Reconnaissance. If you share a passion for knowledge sharing, don’t hesitate to connect with me!
I hold a B.Sc. in Electrical and Electronic Engineering from the Islamic University of Technology (IUT), graduating in 2019.
Recently, I've embarked on an educational journey of my own with the launch of my academy. I'm dedicated to imparting knowledge through comprehensive coursework. Currently, I'm mentoring IUT students in the exciting fields of web security and NMAP. If you're interested, please reach out; I'm always open to collaboration and eager for suggestions.
I provide personalized 1-to-1 mentorship to a select group of undergraduate students. Currently, I am working with these enthusiastic and wonderful students:
- Mohammad Saidur Rahman Sagor (IUT)
- Maroof Ahmed (IUT)
If you want to be part of this journey, send me your resume, your motivation, and your life goals. If our interests align, and I have the capacity to mentor, I'll be in touch.
In the world of certifications, I proudly hold the following industry-recognized titles:
- Certified Ethical Hacker (CEH)
- Certified in Cybersecurity (CC)
- Certified Payment Industry Security Implementer (CPISI)
Let’s connect, collaborate, and secure the digital frontier together!
#Cybersecurity #InfoSec
The Pensieve Chronicles: Insights from My Journey
This section is where I share updates and insights from my journey as an engineer and cybersecurity professional. Here, you’ll find the latest news about my work, achievements, and upcoming projects. Stay tuned for more exciting updates!
- Leading bKash Web Application, Mobile Application, API Security Testing Team.
- Building RedHawks & CyQ
- Solving HTB Boxes for learning
- Studying Personality Development Books
- Conducting research on Mobile Application Security and Web Application Testing
- Writing a series on Cybersecurity Awareness on LinkedIn.
Latest Update November 24, 2023
Education
Bachelor of Science in Engineering (EEE)
Admission Rank: 70 | Recipient of OIC Scholarship
In 2016, I was admitted to the Islamic University of Technology. I hold a Bachelor of Science in Electrical and Electronic Engineering. This institution not only fostered my academic success but also helped me grow in every way possible. I have succeeded in both academic and extracurricular pursuits. Determination, hard work, research methodology, and leadership are the key takeaways from my academic career.
Noteworthy Coursework
Communication Engineering, Microprocessor & Assembly Language, Wireless Communication, Micro-controller Based System Design, Data Communication & Networking, Embedded Systems, Advanced Communication Techniques.
Work Experience
Security Engineer II
⚔️ Conduct internal penetration testing on Optimizely products, identifying vulnerabilities and weaknesses through advanced techniques.
⚔️ Validate found bugs to enhance bug reporting efficiency, ensuring accurate identification and documentation through cross-functional collaboration.
⚔️ Assist in external penetration testing and validation of findings, contributing to the identification and resolution of vulnerabilities with external security teams.
🛡️ Plan and build a secure application development lifecycle for the organization, implementing robust security measures to adhere to industry standards and best practices.
Senior Engineer, Offensive Security Research
Seminars & Talks
On March 15, 2023, I spoke at Islamic University of Technology (IUT) about starting a Career in Cyber Security, Enterprise Cybersecurity & Role of CTF.
On October 19, 2024, I spoke at the BSides Dhaka Meetup on the topic of "Cybersecurity Today: Challenges, Opportunities, and Global Perspectives."
Recommendations
Shuvro Jyoti Halder
We collaborated on several projects, and I was fortunate to call him my teammate. He regularly contributed his full effort to the team and played a vital role in ensuring that projects were finished on time. He had an uncanny ability to keep everyone calm and productive during tough crunch situations.
Wahid Khan
Navid was our team's consultant. His work consistently exceeded our expectations. He has a penchant for offering clear information that assists us in making key business decisions. He did so in a manner that was simple to comprehend and absorb. He understood our company's and our consumers' priorities. Moreover, he is constantly transparent about his efforts and never fails to respond to our inquiries.
Muzahedul Haque
Having worked with Navid, I can tell that he is a professional who works hard and is continually learning. He took up the company's projects with confidence and ease. I admire how hard he works and how effectively he communicates with others. Furthermore, he is adept at adjusting to any scenario. But what distinguishes him is his willingness to assist others. I'm delighted we were able to collaborate.
Jamil Ahmed Saad
I found Navid to be very clear about his working domain and capacity. He has a good capacity for managing critical issues creatively and also flexibly. I wish him a prosperous career and future.
Newsletter
Workplace Woes: Mental Health Magic vs. Leadership Lacking a Script
It is hard to say enough about how important mental health is in today’s fast-paced and competitive workplace. Beyond the…
Secure Headers: Content-Security-Policy (CSP)
Content Security Policy (CSP) is a security mechanism that helps prevent cross-site scripting (XSS), clickjacking, and other code injection attacks…
Automated API Documentation: A Step-by-Step Guide
I’m about halfway through APIsec University’s API Penetration Testing course, and I’m already learning a lot about testing APIs for…
Diving into the Android Package File (APK): A Primer for Android Pentesting
This is the first installment of my new Android Pentesting Series. I’ve lately been experimenting with various penetration testing approaches…
TryHackMe | Corridor
In this blog, I will try to show and explain the TryHackMe room Corridor. This room explores potential IDOR vulnerabilities…
TryHackMe | Reversing ELF
In this blog, I will try to show and explain the TryHackMe room Reversing Elf. This room features eight increasingly…