[>_] Home [>_] Services [>_] Skills [>_] Certifications [>_] Experience [>_] Education [>_] Volunteering [>_] Projects [>_] Publications [>_] Writeups [>_] Contact

My Services

Thinking and acting like an attacker to identify exploitable weaknesses before they are abused in the wild.

🛡️

Vulnerability Assessment

Systematic process of identifying, analyzing, and prioritizing security weaknesses across your infrastructure.

Automated Scanning Reporting & Visualization Risk Scoring Vulnerability Classification
🔍

Penetration Testing

Ethical hacking services to identify and exploit vulnerabilities before malicious actors do.

Network Penetration Social Engineering Web Application Testing Wireless Security
🐛

Bug Bounty Hunting

Professional vulnerability research and responsible disclosure on private and public programs.

API Security Mobile App Testing OWASP Top 10 Web Application Testing
</>

Scripts & Automation

Python and Bash automation for security testing, log analysis, and task automation.

Automation Integration Recon & Pentesting Automation Security Tool Integration

Skill Matrix

A hands-on arsenal forged through CTFs, live engagements, and adversarial research — not just coursework.

operator@portfolio:~/skillsload_matrix --all --radar  ···  ▸ 6 domains active  //  ▸ proficiency radar: LOADED
MODULE_01
Penetration Testing
7
Burp Suite Nmap Metasploit Nikto SQLMap Gobuster Hydra
MODULE_02
Web Security
7
OWASP Top 10 XSS SQLi CSRF IDOR SSRF XXE
MODULE_03
Languages
5
Python Bash JavaScript C SQL
MODULE_04
Tools & Platforms
6
Kali Linux Wireshark John the Ripper Hashcat Netcat Shodan
MODULE_05
Frameworks
4
Django Flask React TailwindCSS
MODULE_06
Research
4
Quantum Computing Cryptography CTF Competitions Threat Modeling
Cybersecurity
Networking
Research
Leadership

Cybersecurity Skill Matrix

My Certifications

Industry-recognized certifications validating hands-on expertise in offensive security and penetration testing.

CC — Certified in Cybersecurity
eJPT — Junior Pen Tester
Google Cybersecurity Certificate
Penetration Testing Cert
Certificate Image

Certified in Cybersecurity (CC)

Certification Info

Category Security Fundamentals
Issuer ISC2
Issued 2024
Status Active

The CC certification validates foundational knowledge of cybersecurity principles, access controls, network security, and incident response.

Certificate Image

eJPT — Junior Penetration Tester

Certification Info

Category Penetration Testing
Issuer INE / eLearnSecurity
Issued 2024
Status Active

Practical entry-level certification demonstrating real-world skills with Metasploit, Nmap, and Burp Suite.

Certificate Image

Google Cybersecurity Certificate

Certification Info

Category Security Operations
Issuer Google / Coursera
Issued 2023
Status Active

Covers threat analysis, SIEM tools, Python for security automation, Linux, SQL, and incident response workflows.

Certificate Image

Advanced Penetration Testing

Certification Info

Category Penetration Testing
Issuer Craw Security
Issued Jun 2025
Status Active

Advanced cert covering exploitation, privilege escalation, Active Directory attacks, post-exploitation, and pivoting.

My Experience

My professional journey in cybersecurity, protecting systems and identifying vulnerabilities.

Mentor
Full-time

HackToLive Academy

2025 – Present  ·  Dhaka, Bangladesh  ·  {{ exp.get_work_mode_display_label }}

Leading vulnerability assessments and penetration tests across client web applications, APIs, and internal infrastructure.

KEY ACHIEVEMENTS

  • Discovered 3 critical RCE vulnerabilities in client APIs, preventing potential data breaches.
  • Automated recon pipelines with Python, reducing initial assessment time by 60%.
  • Developed internal red team playbooks adopted as company-wide standard methodology.
  • Mentored 20+ junior security analysts in web application testing techniques.
AWS Security Bash Scripting Burp Suite Pro Metasploit Nmap OWASP Testing Guide Python Wireshark
Cyber Security Intern
Internship

HackToLive Academy

2024 – 2025  ·  Dhaka, Bangladesh  ·  {{ exp.get_work_mode_display_label }}

Supported the security operations team in vulnerability scans, threat intelligence, and penetration testing engagements.

KEY ACHIEVEMENTS

  • Contributed to 12 client vulnerability assessments across web and network attack surfaces.
  • Built a log analysis automation script in Python used by the SOC team for daily triage.
  • Identified an IDOR vulnerability in a client portal during a supervised web app pentest.
  • Completed all internal CTF challenges, ranked 1st in the intern cohort.
Bash Scripting Nmap OWASP Testing Guide Splunk Wireshark

My Education

Academic foundations that ground my practical security work in theory and research.

🎓

B.Sc. in Computer Science & Engineering

Jagannath University (JnU)

2021 – 2025

Algorithms Cryptography Database Systems Network Security Operating Systems Quantum Computing
🎓

Higher Secondary Certificate (HSC)

Govt. Tolaram College

2017 – 2019

Chemistry Mathematics Physics
🏫

Secondary School Certificate (SSC)

Philip Nagar High School

2019 – 2021

Chemistry Mathematics Physics
🎓

Primary School Certificate

25 No. East Bahirmadi Govt. Primary School

2007 – 2011

My Volunteering

Community leadership and technical contributions that shaped my ability to collaborate, communicate, and drive impact beyond the classroom.

No volunteering entries added yet.

My Projects

Security tools, research projects, and open-source contributions — powered by GitHub.

CyberPulse-Scanner

{{ project.description|truncatechars:90 }}

VulnHunter-Framework

{{ project.description|truncatechars:90 }}

CryptoShield

{{ project.description|truncatechars:90 }}

PhishGuard-ML

{{ project.description|truncatechars:90 }}

NetSentinel

{{ project.description|truncatechars:90 }}

PayloadForge

{{ project.description|truncatechars:90 }}

View all projects →

Research & Publications

Peer-reviewed papers and academic contributions in cybersecurity and emerging technologies.

Certificate

Quantum-Resistant Cryptographic Protocols for IoT Edge Devices

Md Abu Saeed, Dr. Rafiqul Islam, Nusrat Jahan

IEEE Internet of Things Journal  ·  {{ paper.published_at|date:"M Y" }}

Proposes lightweight post-quantum cryptographic protocols for IoT edge devices, achieving NIST PQC Level 3 security with under 8 KB RAM on ARM Cortex-M4.

Cryptography IoT Security Post-Quantum Quantum Computing
Certificate

Automated Vulnerability Discovery in Smart Contract Bytecode Using Symbolic Execution

Md Abu Saeed, Tanzim Hossain

ACM CCS 2025 — Conference on Computer and Communications Security  ·  {{ paper.published_at|date:"M Y" }}

SCAVEX: a hybrid analysis framework achieving 94.2% true positive rate on smart contract vulnerabilities, outperforming Mythril, Slither, and Echidna.

Blockchain Fuzzing Smart Contracts Symbolic Execution
Certificate

Side-Channel Resistance of AES-NI Implementations on Modern x86 Processors

Md Abu Saeed, Prof. Shamim Akhter, Kamrul Hasan

USENIX Security 2025  ·  {{ paper.published_at|date:"M Y" }}

Demonstrates a cross-core cache contention attack on AES-NI achieving full key recovery, and proposes an Intel CAT mitigation with under 2% overhead.

AES Cryptography Hardware Security Side-Channel
View all publications →

Latest Writeups

CTF walkthroughs, bug bounty findings, and notes from real-world offensive security engagements.

CVE-2026
Linux
CVE-2026-31431 Kernel Exploit Linux Privesc Root

CVE-2026-31431 – Copy Fail: The Linux bug that gives you root

A deep-dive into a kernel-level copy_from_user() race condition allowing unprivileged local attackers to escalate to root. Includes full PoC walkthrough.

May 2, 2026  ·  {{ wu.read_time_display }}

CAPen
Mock Exam
CAPen CTF IDOR JWT Web Security

CAPen Mock Exam Writeup – How I Passed the Certified AppSec Pentester

Full walkthrough covering IDOR chains, AWS S3 misconfigurations, and JWT forgery. Tips for CAPen prep.

Apr 18, 2026  ·  {{ wu.read_time_display }}

TryHackMe
Red Teaming
Active Directory Kerberoasting Pivoting TryHackMe

TryHackMe – Holo Network: Full Red Team Engagement Writeup

End-to-end red team engagement — recon, web shell upload, internal pivoting, and Active Directory compromise via Kerberoasting.

Mar 30, 2026  ·  {{ wu.read_time_display }}

View all writeups →

Looking for a security professional who focuses on real-world testing? Let's talk.

// contact_info.sh

Availability

Open to Work

📧

Email

llmnotforeveryone@gmail.com

📞

Phone

+880 (000) 000-0000

📍

Location

Bangladesh, Dhaka

🕐

Timezone

BST · UTC+6 (Bangladesh)

💬

Preferred

Email · LinkedIn · WhatsApp

// Open To Engagements

Penetration Testing Security Audit CTF Consulting Bug Bounty Research Collab