{{ project.description|truncatechars:90 }}
My Services
Thinking and acting like an attacker to identify exploitable weaknesses before they are abused in the wild.
Vulnerability Assessment
Systematic process of identifying, analyzing, and prioritizing security weaknesses across your infrastructure.
Penetration Testing
Ethical hacking services to identify and exploit vulnerabilities before malicious actors do.
Bug Bounty Hunting
Professional vulnerability research and responsible disclosure on private and public programs.
Scripts & Automation
Python and Bash automation for security testing, log analysis, and task automation.
Skill Matrix
A hands-on arsenal forged through CTFs, live engagements, and adversarial research — not just coursework.
Cybersecurity Skill Matrix
My Certifications
Industry-recognized certifications validating hands-on expertise in offensive security and penetration testing.
Certified in Cybersecurity (CC)
Certification Info
| Category | Security Fundamentals |
| Issuer | ISC2 |
| Issued | 2024 |
| Status | Active |
The CC certification validates foundational knowledge of cybersecurity principles, access controls, network security, and incident response.
eJPT — Junior Penetration Tester
Certification Info
| Category | Penetration Testing |
| Issuer | INE / eLearnSecurity |
| Issued | 2024 |
| Status | Active |
Practical entry-level certification demonstrating real-world skills with Metasploit, Nmap, and Burp Suite.
Google Cybersecurity Certificate
Certification Info
| Category | Security Operations |
| Issuer | Google / Coursera |
| Issued | 2023 |
| Status | Active |
Covers threat analysis, SIEM tools, Python for security automation, Linux, SQL, and incident response workflows.
Advanced Penetration Testing
Certification Info
| Category | Penetration Testing |
| Issuer | Craw Security |
| Issued | Jun 2025 |
| Status | Active |
Advanced cert covering exploitation, privilege escalation, Active Directory attacks, post-exploitation, and pivoting.
My Experience
My professional journey in cybersecurity, protecting systems and identifying vulnerabilities.
HackToLive Academy
Leading vulnerability assessments and penetration tests across client web applications, APIs, and internal infrastructure.
KEY ACHIEVEMENTS
- Discovered 3 critical RCE vulnerabilities in client APIs, preventing potential data breaches.
- Automated recon pipelines with Python, reducing initial assessment time by 60%.
- Developed internal red team playbooks adopted as company-wide standard methodology.
- Mentored 20+ junior security analysts in web application testing techniques.
HackToLive Academy
Supported the security operations team in vulnerability scans, threat intelligence, and penetration testing engagements.
KEY ACHIEVEMENTS
- Contributed to 12 client vulnerability assessments across web and network attack surfaces.
- Built a log analysis automation script in Python used by the SOC team for daily triage.
- Identified an IDOR vulnerability in a client portal during a supervised web app pentest.
- Completed all internal CTF challenges, ranked 1st in the intern cohort.
My Education
Academic foundations that ground my practical security work in theory and research.
B.Sc. in Computer Science & Engineering
Jagannath University (JnU)
Higher Secondary Certificate (HSC)
Govt. Tolaram College
Secondary School Certificate (SSC)
Philip Nagar High School
Primary School Certificate
25 No. East Bahirmadi Govt. Primary School
My Volunteering
Community leadership and technical contributions that shaped my ability to collaborate, communicate, and drive impact beyond the classroom.
No volunteering entries added yet.
My Projects
Security tools, research projects, and open-source contributions — powered by GitHub.
{{ project.description|truncatechars:90 }}
{{ project.description|truncatechars:90 }}
{{ project.description|truncatechars:90 }}
{{ project.description|truncatechars:90 }}
{{ project.description|truncatechars:90 }}
Research & Publications
Peer-reviewed papers and academic contributions in cybersecurity and emerging technologies.
Quantum-Resistant Cryptographic Protocols for IoT Edge Devices
IEEE Internet of Things Journal · {{ paper.published_at|date:"M Y" }}
Proposes lightweight post-quantum cryptographic protocols for IoT edge devices, achieving NIST PQC Level 3 security with under 8 KB RAM on ARM Cortex-M4.
Automated Vulnerability Discovery in Smart Contract Bytecode Using Symbolic Execution
ACM CCS 2025 — Conference on Computer and Communications Security · {{ paper.published_at|date:"M Y" }}
SCAVEX: a hybrid analysis framework achieving 94.2% true positive rate on smart contract vulnerabilities, outperforming Mythril, Slither, and Echidna.
Side-Channel Resistance of AES-NI Implementations on Modern x86 Processors
USENIX Security 2025 · {{ paper.published_at|date:"M Y" }}
Demonstrates a cross-core cache contention attack on AES-NI achieving full key recovery, and proposes an Intel CAT mitigation with under 2% overhead.
Latest Writeups
CTF walkthroughs, bug bounty findings, and notes from real-world offensive security engagements.
Linux
CVE-2026-31431 – Copy Fail: The Linux bug that gives you root
A deep-dive into a kernel-level copy_from_user() race condition allowing unprivileged local attackers to escalate to root. Includes full PoC walkthrough.
Mock Exam
CAPen Mock Exam Writeup – How I Passed the Certified AppSec Pentester
Full walkthrough covering IDOR chains, AWS S3 misconfigurations, and JWT forgery. Tips for CAPen prep.
Red Teaming
TryHackMe – Holo Network: Full Red Team Engagement Writeup
End-to-end red team engagement — recon, web shell upload, internal pivoting, and Active Directory compromise via Kerberoasting.
Looking for a security professional who focuses on real-world testing? Let's talk.
Availability
Open to Work
llmnotforeveryone@gmail.com
Phone
+880 (000) 000-0000
Location
Bangladesh, Dhaka
Timezone
BST · UTC+6 (Bangladesh)
Preferred
Email · LinkedIn · WhatsApp
// Open To Engagements