Hi, I’m Mohammed Abdul Kareem (aka 0xiMAK)

AppSec • Product Security • Red Team

Specialized in AppSec, Red Team, and Cloud Security. Passionate about protecting digital assets and building secure-by-design systems.

Avatar illustration
OWASP Burp Suite Nmap MobSF

About

I specialize in end‑to‑end security testing: black‑box, grey‑box, and authenticated assessments across web, mobile (Android & iOS), APIs, internal/external networks, wireless, and thick‑client apps. I’m comfortable leading engagements, writing crisp reports, and partnering with engineering to remediate.

Technical Arsenal

Comprehensive toolkit across AppSec, Cloud, DevSecOps, and Security Operations.

Application Security

  • Threat Modeling, Code Review
  • SAST (Semgrep/SonarQube), SCA (Snyk)
  • DAST (ZAP/Burp), API Security Testing

Cloud Security

  • AWS, Azure, GCP hardening & IAM
  • CSPM / Guardrails, KMS, Secrets
  • Container & K8s Security

DevSecOps

  • CI/CD Security (GitHub Actions, Azure DevOps)
  • IaC Scanning (Checkov, Terrascan)
  • Image Scanning (Trivy)

Security Operations

  • SIEM/XDR (Wazuh, Sentinel, Chronicle)
  • IR, Threat Intel, VM
  • Network Security (Firewalls, VPN)

Testing & VAPT

  • Nmap, Nessus/OpenVAS
  • Burp Suite Pro, OWASP ZAP
  • Metasploit, custom scripts

Soft Skills

  • Mentoring & Community
  • Clear Reporting & Demos
  • Cross‑team Collaboration

Experience

Master’s (Cybersecurity)

Final semester. Research around secure design for mobile & API‑first systems.

Product Security Engineer — Loyalty Juggernaut

Led end-to-end security reviews and penetration tests across web, mobile, API, and cloud systems.

Integrated automated security tools and performed cloud/container audits to reduce vulnerabilities.

Delivered training, PoCs, and reviews, driving continuous security improvement and awareness.

Security Engineer — TrekShield

Conducted comprehensive security testing across web, mobile, API, and network systems using tools like Burp Suite, Nmap, and Metasploit.

Led 100+ client assessments, delivering CVSS-based risk analysis and actionable remediation strategies.

Managed analyst teams, guided multi-phase projects, and contributed to 0day disclosures and CTF victories.

Contact: