Offensive Security β’ Pentesting β’ Linux/Network β’ AppSec
- Web & Mobile App pentesting (real targets, not lab puzzles)
- AppSec reviews for high-traffic services (authN/authZ, crypto misuse, SSRF/IDOR/races)
- Practical threat modeling (STRIDE), Linux hardening, MQTT/IoT security
- Automation: Burp extensions, recon pipelines, fuzzing harnesses
πΎ Always open to tricky tasks and teams who value impact over theater.
Core
OffSec
Extras
- Bug bounty: participating in public programs, focusing on web vulnerabilities with real business impact (authZ/IDOR, SSRF, race conditions, logic flaws).
- CVE: filing and maintaining CVEs in open-source projects, providing PoCs and fix recommendations.
- Practice: Linux/Network security, structured reports and PoCs, light automation for repetitive checks.
Click to expand
- π§ Jr Penetration Tester (THM)
- π΅οΈββοΈ Red Teaming (THM)
- π Information Security Specialist
- π Information Security Basics
- π Data Networks and Security
- π» Operating System Security & Systems Programming
- π§βπ» Modern Software Development
- π Web Applications
- β 6C3C οΈ Attack & Defence
- π¦ Modern Cybercrime & Countermeasures
- π¨ Incident Response & Threat Hunting
"If it can be abused, it will be. Better find it first."