Open to Opportunities

Thinking Like an Adversary,
Defending Like a Pro.

Offensive Security Specialist & Ethical Hacker focused on Penetration Testing, Red Team Operations, and Vulnerability Research. I break defenses to build them stronger, exposing critical flaws before they can be exploited.

Toronto, ON
Niraj Thapa
About Me

Professional Profile

The Offensive Mindset

I am a relentless Ethical Hacker and Red Teamer who believes the best defense is a relentless offense. My passion lies in dissecting complex systems, bypassing perimeter defenses, and uncovering logic flaws that automated scanners miss.

From Web Application Penetration Testing to simulating advanced persistent threats (APTs), I leverage a deep understanding of attacker TTPs (Tactics, Techniques, and Procedures) to fortify organizations. I don't just find bugs; I demonstrate business risk through controlled exploitation.

Proficient in Kali Linux, Metasploit, and Burp Suite, I specialize in black-box testing and authorized adversary simulations. My goal is to expose the invisible attack surfaces in your infrastructure before a malicious actor does.

Network Penetration

Exploiting service vulnerabilities & privilege escalation.

Web App Security

Hunting OWASP Top 10 flaws like SQLi, XSS, and IDOR.

Red Teaming

Full-scope adversary emulation & social engineering.

Exploit Development

Custom payload creation & buffer overflow analysis.

Career Path

Professional Experience

March 2025 - Present

Customer Service Associate

Scotiabank, Toronto, Canada
  • Orchestrated frontline financial operations for a high-volume branch, resolving complex banking inquiries with 100% compliance to AML (Anti-Money Laundering) and KYC (Know Your Customer) regulations.
  • Accelerated digital transformation by driving a 15% increase in mobile app adoption, educating clients on secure self-service banking tools.
  • Mitigated fraud risks by vigilantly monitoring transaction patterns and adhering to strict authentication protocols.
  • Collaborated with financial advisors to identify client needs, generating qualified leads that contributed to the branch’s quarterly sales targets.
Current Project

Founder & Lead Cloud Architect

Cipherpit IT Solutions, Remote
  • Architecting a secure, cloud-native infrastructure on Azure, leveraging Next.js for the frontend and serverless functions for scalable backend logic.
  • Engineered a Zero Trust security model, implementing rigorous IAM policies, Multi-Factor Authentication (MFA), and role-based access control (RBAC).
  • Deployed a hardened email server ecosystem with SPF, DKIM, and DMARC enforcement to eliminate phishing vectors and ensure high deliverability.
  • Automated deployment pipelines using GitHub Actions, reducing release time by 40% while integrating automated security scanning (SAST).
  • Established a comprehensive WAF (Web Application Firewall) rule set to block OWASP Top 10 vulnerabilities.
June 2025 - July 2025

Full-Stack Developer & Security Administrator

Daramax Construction Services, Toronto, Canada
  • Delivered a custom, responsive corporate website, optimizing load times by 30% through efficient asset management and code splitting.
  • Configured and hardened a private email server, implementing SSL/TLS encryption for transit security and significantly reducing spam susceptibility.
  • Conducted vulnerability assessments on web assets, patching critical security gaps before public deployment.
  • Standardized digital identity management, creating professional branding assets that aligned with corporate strategic goals.
September 2025

Volunteer Web Developer

Janta ko Nimti, Remote
  • Designed and launched a mission-critical non-profit platform to facilitate humanitarian outreach and donor engagement.
  • Enforced strict data privacy standards by deploying full-site HTTPS encryption and secure session management.
  • Architected a cost-effective, reliable email communication system to support high-volume organizational correspondence.
  • Provided ongoing technical consultation on digital security best practices to protect sensitive donor data.
Technical Proficiency

Core Competencies

A comprehensive overview of my technical skillset, spanning cloud infrastructure, security operations, and modern DevOps practices.

Skill Distribution

Offensive Security & Red Teaming

  • Metasploit Framework & Cobalt Strike
  • Burp Suite Professional & OWASP ZAP
  • Kali Linux / Parrot OS Arsenal
  • Payload Development & Obfuscation

Vulnerability Assessment

  • Nessus & OpenVAS Scanning
  • Manual Logic Flaw Analysis
  • CVSS Scoring & Risk Prioritization
  • Source Code Analysis (SAST)

Exploit Development

  • Buffer Overflow & Memory Corruption
  • Python & Bash Scripting for Exploits
  • Reverse Engineering (Ghidra/IDA)
  • Evasion of AV/EDR Solutions

Network & Cloud Pen-Testing

  • Active Directory Attacks (Kerberoasting)
  • Wi-Fi Security (Aircrack-ng)
  • Azure/AWS Penetration Testing
  • Pivoting & Lateral Movement

Threat Hunting & Defense

  • SIEM (Splunk/Sentinel) Analysis
  • Traffic Analysis (Wireshark)
  • Indicator of Compromise (IoC) Hunting
  • Incident Response Procedures

Infrastructure & Tools

  • Docker & Kubernetes Security
  • Linux/Windows System Internals
  • Git & CI/CD Pipelines
  • Virtualization (VMware/VirtualBox)
Portfolio

Featured Projects

Technical implementations across cloud infrastructure, security, and networking.

Penetration Testing & Ethical Hacking Labs
Security

Targeted self-deployed services (web, email, Wi-Fi) on virtual machines to test for real-world vulnerabilities. Used tools like Ettercap, Nmap, Wireshark, and Metasploit in Kali Linux VM environments.

Kali Linux, Nmap, Wireshark

Cloud Automation (IaC)
Cloud

Automated VM deployments on Azure using Terraform Cloud & GitHub Actions. Deployed Windows Server 2022 with nested virtualization.

Terraform, GitHub Actions, Azure

Private Cloud Suite
Cloud

Self-hosted Nextcloud instance on Linux VMs with MariaDB. Enabled secure access using HTTPS and managed file sync, storage, and database operations.

Nextcloud, MariaDB, Linux

Full-Stack Web Server Deployment
DevOps

Deployed and secured Apache/Nginx-based web servers on virtual machines using VirtualBox, VMware, and cloud platforms. Configured SSL/TLS encryption, and hosted multiple services.

Apache, Nginx, SSL/TLS

Load Balancer & HA Setup
Networking

Built a simulated multi-server environment using VMs on Linux and Windows. Configured Nginx-based load balancers and tested failover in a virtualized lab.

Nginx, High Availability, Linux/Windows

Email Server & Webmail
DevOps

Deployed Postfix + Dovecot for mail delivery. Installed Roundcube Webmail with SSL/TLS. Integrated DNS and MX records for external mail flow.

Postfix, Dovecot, Roundcube

Virtualization Labs
Security

Designed custom virtual labs using VMware and VirtualBox. Deployed multiple VMs to simulate enterprise networks, attacks, and disaster recovery.

VMware, VirtualBox, Virtualization

Personal VPN Server
Networking

Deployed self-hosted WireGuard and IPsec VPN servers. Configured static routing, key-based authentication, and multi-client connections.

WireGuard, IPsec, VPN

Cross-Cloud Networking
Cloud

Managed environments across Azure, AWS, and GCP. Implemented secure inter-network connectivity, IAM policies, and cost optimization.

Azure, AWS, GCP

Docker Containerization
DevOps

Containerized multi-service apps using Docker Compose. Built optimized Dockerfiles for web servers, databases, and APIs.

Docker, Compose, CI/CD

Kubernetes Orchestration
DevOps

Deployed multi-node Kubernetes cluster. Configured Pods, Deployments, Services, and Ingress Controllers for scaling.

Kubernetes, K8s, Ingress

Enterprise Networking
Networking

Configured Cisco (2960) and Aruba (6300) switches. Created VLANs, trunk links, and inter-VLAN routing for multi-subnet communication.

Cisco, Aruba, VLANs
Credentials

Certifications & Awards

My professional certifications and academic achievements in cybersecurity and cloud computing.

Honors & Awards

President's Honour

Seneca Polytechnic, Winter 2025

Professional Certifications

Certified Red Team Operations Management

Red Team Leaders

Dec 2025

Certified Ransomware Protection Officer

EU Cyber Academy

Dec 2025

Ethical Hacker

Cisco

Sep 2025

Advent of Cyber 2025

TryHackMe

Jan 2026

JumpCloud Advanced Certification

JumpCloud

Dec 2025

Google Cybersecurity Certificate

Google

Dec 2025

Understanding Cisco Network Automation Essentials

Cisco

Dec 2025

AI for Networking

Cisco

Dec 2025

Introduction to Network Simulations with Cisco Modeling Labs

Cisco

Dec 2025

Learning the OWASP Top 10

LinkedIn Learning

Oct 2025

Junior Cybersecurity Analyst

Cisco

Sep 2025

Ethical Hacking Series

LinkedIn Learning

Apr 2025

AWS Cloud Foundations

AWS

Mar 2025

Intro to Cybersecurity

Cisco

Nov 2024

LinkedIn Advertising Fundamentals

LinkedIn

Jan 2026

LinkedIn Marketing Measurement

LinkedIn

Jan 2026

Content and Creative Design

LinkedIn

Jan 2026

LinkedIn Marketing Strategy

LinkedIn

Jan 2026

Google Data Analytics Certificate

Google

Dec 2025

Defender for Endpoint Automation

Microsoft

Nov 2024

IT Security Foundations

LinkedIn Learning

Jan 2023

Business Analytics

LinkedIn Learning

Jan 2023

Academic Background

Education

My academic journey and key coursework in Computer Systems and Security.

Computer System Technician - Diploma

Seneca Polytechnic

September 2024 - December 2025
Toronto, Canada

Focusing on computer systems, network administration, and IT security fundamentals.

Key Coursework:

Computer Systems Architecture; Network Administration; IT Security Fundamentals; Operating Systems (Linux, Windows); Database Management; Programming (Python, PowerShell, Bash); Cloud Computing (Azure, AWS); Cybersecurity Principles

Commerce with Applied Computer Studies - Higher Secondary

Global College of Management

July 2019 – June 2021
Kathmandu, Nepal

Relevant Coursework: Economics, Business Mathematics, Accounting, Computer Science (GPA: 3.33)

Key Coursework:

Economics; Business Mathematics; Accounting; Computer Science; Mathematics
Community

Volunteering

Contributing to meaningful causes through technology and community service

Volunteer Web Developer & IT Support

Janta ko Nimti

September 2025
Remote

Volunteered to design, develop, and maintain the official website for Janta ko Nimti, a non-profit organization. Configured and secured the organization’s email server and implemented SSL/TLS certificates.

Key Contributions:

  • Designed and developed the official website
  • Configured and secured the organization's email server with SMTP, IMAP, and POP
  • Implemented SSL/TLS certificates, HTTPS, and server hardening
  • Created the official logo and digital branding
  • Donated personal funds and technical resources
Web Development, Email Servers, SSL/TLS, Non-profit
Communication

Initialize Handshake

Ready to secure your infrastructure? Open for Red Teaming, Penetration Testing, and Cloud Security engagements.

Send Transmission

Establish a direct line of communication.