Application Security
- Threat Modeling, Code Review
- SAST (Semgrep/SonarQube), SCA (Snyk)
- DAST (ZAP/Burp), API Security Testing
AppSec • Product Security • Red Team
Specialized in AppSec, Red Team, and Cloud Security. Passionate about protecting digital assets and building secure-by-design systems.
I specialize in end‑to‑end security testing: black‑box, grey‑box, and authenticated assessments across web, mobile (Android & iOS), APIs, internal/external networks, wireless, and thick‑client apps. I’m comfortable leading engagements, writing crisp reports, and partnering with engineering to remediate.
Comprehensive toolkit across AppSec, Cloud, DevSecOps, and Security Operations.
Final semester. Research around secure design for mobile & API‑first systems.
Led end-to-end security reviews and penetration tests across web, mobile, API, and cloud systems.
Integrated automated security tools and performed cloud/container audits to reduce vulnerabilities.
Delivered training, PoCs, and reviews, driving continuous security improvement and awareness.
Conducted comprehensive security testing across web, mobile, API, and network systems using tools like Burp Suite, Nmap, and Metasploit.
Led 100+ client assessments, delivering CVSS-based risk analysis and actionable remediation strategies.
Managed analyst teams, guided multi-phase projects, and contributed to 0day disclosures and CTF victories.