Giter VIP home page Giter VIP logo

Security Engineer | Security Expert | Penetration Tester | Cyber Security Specialist | Software Security Engineer| CEH | ECSA | LPT (MASTER) | ISO 27001 LI (BSI) | Microsoft Azure Security Technologies (AZ-500)

Licensed Penetration Tester (LPT MASTER) and Software Security Engineer with a larger focus on Security testing. Able to do vulnerability assessments, penetration testing, threat modeling, OWASP top 10 vulnerability assessment, cryptography, Network Security Testing, code analytics etc. as far as system and software system security is the concern.

Security Tool Expertise - Tenable IO, Nessus cloud, Acunetix, Vega, OWASP ZAP, Burp Suite, Havij, KALI Linux (OS), App Vigil, Sentinel, Sqlmap, CodeDx, Kiuwan, Spiderfoot, Arachni, Social Engineering Toolkit, Metasploit, Armitage, Cobalt Strike, Netcat, Wireshark. Datasploit plus many more.

Expert In

  1. Application Penetration Testing with the recommendation for remediation
  2. Complete security assessment of Application with the recommendation for remediation
  3. Cloud (AWS) infrastructure complete vulnerability assessment, security & penetration testing with the recommendation for remediation
  4. Static and Dynamic code analysis (SAST & DAST) with the recommendation for remediation
  5. Reconnaissance - Open Source Intelligence (OSINT) using Datasploit, Spiderfoot, foca pro, Buscador, Maltego, Recon-ng, Shodan, theHarvester etc.
  6. API Security
  7. Malware, Phishing, Breach, data leakage detection
  8. Firewall audit and configure
  9. Security and penetration testing trainer
  10. Android and iOS application vulnerability detection and security testing

CMS Security Expert

  1. Joomla Theme, Plugin Virus, Malware detection and removal expert
  2. Magento Theme, Plugin Virus, Malware detection and removal expert
  3. Drupal. woo-commerce security expert including PCI-DSS compliance audit ** I am able to conduct a complete security audit for any CMS including network, server and database.

Certification Achieved

  1. CEH v10 - Certified Ethical Hacker v10
  2. ECSA v9 - EC- Council Certified Security Analyst v9
  3. CEI v2 - Certified EC-Council Instructor v2
  4. Certified Application Security Engineer - Java
  5. Licensed Penetration Tester (Master)
  6. Alien Vault Certified Security Engineer (Training done waiting for sit for the Exam)
  7. CISSP - Certified Information Systems Security Professional (ISC2 Training done waiting for sit for the Exam)
  8. ISO 27001 Lead Implementor.
  9. Microsoft Certified: Azure Security Engineer Associate (AZ - 500)

Md Azizur Rahman's Projects

rescope icon rescope

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

secmon icon secmon

SECMON is a web-based tool for the automation of infosec watching and vulnerability management with a web interface.

sendtoxray icon sendtoxray

SendToXray - Burp Suite Extender, Send HTTP request to XRAY proxy.

shellz icon shellz

shellz is a small utility to manage your ssh, telnet, kubernetes, winrm, web or any custom shell in a single place.

shotdroid icon shotdroid

ShotDroid is a pentesting tool for android. There are 3 tools that have their respective functions, Get files from Android directory, internal and external storage, Android Keylogger + Reverse Shell and Take a webcam shot of the face from the front camera of the phone and PC.

sn1per icon sn1per

Automated pentest framework for offensive security experts

spiderfoot icon spiderfoot

SpiderFoot automates OSINT so you can focus on analysis.

spraygen icon spraygen

Password list generator for password spraying - prebaked with goodies

sqli-labs icon sqli-labs

SQLI labs to test error based, Blind boolean based, Time based.

ssrf-king icon ssrf-king

SSRF plugin for burp Automates SSRF Detection in all of the Request

t14m4t icon t14m4t

Automated brute-forcing attack tool.

tankigen icon tankigen

Python script that automate the process of generating various reverse shells.

threatmapper icon threatmapper

Identify vulnerabilities in running containers, images, hosts and repositories

tirefire icon tirefire

Scalable tool to quickly and intuitively begin enumeration. Outstanding for HackTheBox and OSCP type machines.

torapf icon torapf

TORAPF is a Tor Network Admin Page Finder Tool.It can help to get admin page from tor network.

vapi icon vapi

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable PHP Interface that mimics OWASP API Top 10 scenarios in the means of Exercises.

vprioritizer icon vprioritizer

vPrioritizer enables us to understand the contextualized risk (vPRisk) on asset-vulnerability relationship level across the organization, for teams to make more informed decision about what (vulnerability/ties) they should remediate (or can afford not to) and on which (asset/s)

webstor icon webstor

A script to quickly enumerate all websites across all of your organization's networks, store their responses, and query for known web technologies, such as those with zero-day vulnerabilities.

xerror icon xerror

fully automated pentesting tool

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.