👤 About Me

Experienced specialist in Web Penetration Testing
Currently learning Software Reverse Engineering
Skilled in the following areas:
🔸OWASP Top 10
🔸OWASP WSTG
🔸Passive Recon
🔸Active Recon
🔸API Security
🔸SAST

Working in a world of insecurity 🥷🏻

💡 Skills

OWASP TOP 10

API Security

Recon

SAST

Cryptography

PWK

Linux

Network

Git

💻 Programming Languages

Python

PHP

JavaScript

C#

SQL

🛠️ Tools

Burp Suite

Nmap

Metasploit

Semgrep

Sqlmap

💼 Work Experience

Pentester

Data Processing Company Tadbir Farda | 2024-Present

📜 Certifications

Offensive Security Operations

Institution: Cybrary | November 2024
Certification Link

Application Attacks Basics

Institution: Cybrary | March 2025
Certification Link

Reconnaissance and Enumeration Basics

Institution: Cybrary | November 2024
Certification Link

Ethical Hacker

Institution: Great Learning | June 2024
Certification Link

Introduction to Cryptography

Institution: Great Learning | July 2024
Certification Link

Network Fundamentals

Institution: Cybrary | December 2024
Certification Link

🚀 Projects

CTF Shamsipour University

Client / Requestor: Shamsipour University | June 2024

Challenge designer for web penetration testing in Shamsipour University's Capture the Flag competition, also acted as technical expert.

Related Link

Vulnerability Detection in Code Before Deployment (DevSecOps)

Client / Requestor: Data Processing Company Tadbir Farda | September 2024

For discovering vulnerable code during deployment on the server (CI) using Semgrep and providing solutions to fix vulnerabilities for the development team.

Semgrep Rules

Client / Requestor: Personal | February 2025

Semgrep is an open-source tool used for vulnerability detection in code (SAST). These rules are written based on web vulnerabilities.

Related Link

CryptoMaster

Client / Requestor: Personal | September 2025

CryptoMaster is a powerful tool for various hashing, encryption, and decryption operations, supporting a wide range of algorithms.

Related Link

Dark_SIP Tool

Client / Requestor: Personal | August 2024

This project is designed for cracking the SIP protocol used for authentication in VOIP, implemented with a combination of Wireshark and Hashcat.

Related Link

📅 Events

TVUCTF Technical Supervisor

Shamsipour University | June 2024

Related Link

🌟 Soft Skills

Teamwork Leadership Adaptability Creative Problem Solving

👤 Personal Information

🌐 Social Networks

👤 About Me

💡 Skills

💻 Programming Languages

🛠️ Tools

💼 Work Experience

Pentester

📜 Certifications

Offensive Security Operations

Application Attacks Basics

Reconnaissance and Enumeration Basics

Ethical Hacker

Introduction to Cryptography

Network Fundamentals

🚀 Projects

CTF Shamsipour University

Vulnerability Detection in Code Before Deployment (DevSecOps)

Semgrep Rules

CryptoMaster

Dark_SIP Tool

📅 Events

TVUCTF Technical Supervisor

🌟 Soft Skills