I have started my journey in the security field as a bug bounty hunter And started my professional journey as Penetration Tester. In these 6+ years of experience In Web Application Security And Network Security, I have performed Penetration Testing on many national and international Banking, Financial, Government, Health, and many giant organizations' Internal and external applications with direct client communication. I'm good at business logic flaws and server-side vulnerabilities and known for my Unique Recon Methodology covers the whole infrastructure of an organization.

I Have submitted numerous security flaws to giant tech organizations like Epic Games, Microsoft, Nintendo, Redbull, And many more. I'm good at finding business logic flaws and server-side vulnerabilities like SQL injections, SSRF, And Other Injection Attacks. I also have expertise in Web 3.0, and Blockchain technology has always been my favorite. Have 3 Years of experience in blockchain security and Smart Contract Security Auditing. I love to find bugs like Reentrancy, Incorrect calculation of the output token amount, And Indirect execution of unknown code in Smart Contracts.

I'm a Kali Linux user using Kali Linux for more than Six years with good bash skills. I can also write exploits and do some automation using Python and bash. I can read and understand the code written in PHP, SQL, Python, JavaScript, Java, C++, and Solidity to debug and find vulnerabilities.

Skills :

1. Vulnerability Assessment
2. Penetration Testing
3. Cybersecurity Consultancy
4. Network Security
5. External Infrastructure Assessment
6. Pivoting, Persistence, and Escalation
7. Source Code Analysis
8. Mobile App Testing
9. Application Attack Surface Mapping
10. Web Server and Database Review
11. Smart Contracts Security Auditing

Regards,
Hashir Khan