I'm a Penetration Tester with a passion for offensive security, ethical hacking, and helping organizations identify and fix their vulnerabilities before attackers can exploit them. I specialize in Web, API, Mobile, and Network Penetration Testing, and I enjoy turning weaknesses into actionable improvements.

🔍 Tools & technologies I work with regularly include: Burp Suite, Nmap, Wireshark, Metasploit, OWASP ZAP, SQLmap, ffuf, Subfinder, Amass, APKTool, MobSF, ADB, and JWT Debugger.

💡 Areas of expertise:

• Web Application Pentesting (OWASP Top 10)
• Mobile App Security (Android)
• API Pentesting (REST & GraphQL)
• Reconnaissance and Subdomain Enumeration
• Vulnerability Scanning & Manual Exploitation
• Reporting with PoCs and remediation guidance

🚀 Sample Projects & Experience:

• Built automated recon workflows using Bash, Python, and tools like httpx, nuclei, and gf
• Discovered critical IDOR and authentication flaws in live systems
• Performed mobile app assessments using static/dynamic analysis (MobSF, Frida, APKTool)
• Participated in bug bounty programs on platforms like HackerOne & Bugcrowd

💬 Ask me about: Offensive Security, Bug Bounty, Red Teaming, Exploit Development, or Reporting Best Practices