Ethical Hacker
XPOSE SECURITY (My freelance company)
Total years of experience :10 years, 10 Months
I thoroughly test the front and back ends of applications and devices to guarantee their security using a combination of automated vulnerability scanners like Burp Suite and Tenable as well as manual testing. I find and evaluate vulnerabilities like Cross-Site Scripting, Parameter Tampering, and Clickjacking through this process. I then offer a thorough and expertly written report that explains the weaknesses discovered and includes awareness training to help reduce potential risks in the future.
Using automated vulnerability scanners such as Burp Suite, Tenable,
combined with manual actions, I test the entire front and back end of
web applications to check for Cross-Site Scripting, Parameter
Tampering, Clickjacking, etc. Produce a professionally written report
that includes an explanation and awareness training.
Assisting the government in strengthening and securing infrastructure to make it more secure. This includes mitigating risks such as DDOS attacks, warding off hackers and conducting Red Teaming exercises to increase resilience to cyber attacks. By taking proactive measures and continuously improving security protocols, potential threats can be identified and neutralized before they can cause damage. This requires close collaboration between various government agencies and cybersecurity experts to build a robust defense against cyber threats.
As a red team member, I simulate cyber attacks to uncover vulnerabilities in systems and networks. Mimicking real hackers, I identify weaknesses that traditional assessments might miss. By adopting an offensive mindset, I help the organization strengthen its security measures, enhance staff training, and improve incident response strategies.
CYBERSECURITY SPECIALIST
As a red team member, I simulate cyber attacks to uncover vulnerabilities in systems and networks. Mimicking real hackers, I identify weaknesses that traditional assessments might miss. By adopting an offensive mindset, I help the organization strengthen its security measures, enhance staff training, and improve incident response strategies.
CYBERSECURITY SPECIALIST
Optimisation of infrastructure to ensure that all devices within the
networks are secure against threats. Also set up DDOS, Anti-Virus
systems to check everything passing through the network from inside
to outside and vice versa. Over 10, 000 Vulnerabilities handled with
vulnerablity scanning tools such as Tenable. Manual testing of web
applications such as XSS, SQL, IDOR, CSRF, etc.
I have a specialty in network infrastructure optimization to protect all devices from possible threats. This entails putting in place DDoS and antivirus programs to keep an eye on all incoming and outgoing data. I have a great deal of expertise using tools like Tenable for vulnerability scanning and have handled over 10, 000 vulnerabilities. In addition, I manually evaluate web applications to look for security flaws like XSS, SQL, IDOR, CSRF, and others. I have been effective in securing networks and averting potential cyberattacks thanks to my knowledge in these fields.
Software automation using Azure Sentinel and Power automate,
automating the O365 Suite to search for phishing mails and malicious
files using API connectors such as VirusTotal. Social engineering
using phishing mails and security awareness training for staff
Security Automation using Security orchestration, automation, and
response. based on use cases, it was determined what should be
done in this automation. such as blacklisting URLs using zscaler, Antivirus signatures using Symantec SEPM, Adding IPS signatures (Hostbased IPS) and EWS E-mail servers then implementing this within an
MISP platform
I am a specialist in software automation with knowledge of Power Automate and Azure Sentinel. My area of expertise is automating O365 Suite to look for malicious files and phishing emails using API connections like VirusTotal. In order to stop successful cyberattacks, I am also skilled at social engineering using phishing emails and teaching staff in security awareness.
I leveraged Security orchestration, automation, and response (SOAR) to implement Security Automation. By analyzing various use cases, we determined which tasks could be automated. These included blacklisting URLs through Zscaler, deploying anti-virus signatures via Symantec SEPM, and adding IPS signatures (Host- based IPS) and EWS E-mail servers. Our team then seamlessly integrated these automated processes within an MISP platform. The result was a more efficient and streamlined security system that effectively mitigates potential threats.