Hi, I’m Muhammad Zubair, an Offensive Security Professional. I use writing to share insights and help others navigate the evolving world of cybersecurity.

Certifications

Offsec Certified Professional (OSCP) OffSec — Oct 2024
Certified Penetration Testing Specialist HackTheBox — Feb 2024
Dante Pro Labs HackTheBox — Mar 2024
IT Essentials: PC Hardware and Software Cisco — Feb 2022

Experience

Practical Cybersecurity Experience in CTFs & Labs Feb 2022 — Present

• Top 4% on TryHackMe. Hacker rank on HackTheBox.

Cybersecurity Analyst — ElevenTech Yards (PVT) Limited Mar 2023 — Aug 2024

Enhanced the organization’s security posture by 40%, ensuring zero data or password leaks. Trained team members on best security practices to maintain a safe environment. Developed a more secure website, effectively safeguarding external-facing assets from potential threats.

Skills

Active Directory Pentesting (Professional)

• Kerberoasting, Privilege Escalation, LDAP Reconnaissance, Credential Dumping, Pass-the-Hash

Web Application Security (Professional)

• Session Hijacking, Cross-Site Request Forgery (CSRF), Directory Traversal, Insecure Deserialization, Server-Side Request Forgery (SSRF)

Network Penetration Testing (Professional)

• Port Scanning, Service Enumeration, Firewall Evasion, Vulnerability Scanning, Network Mapping

Wireless Security Assessment (Professional)

• Wireless Network Mapping, WPA/WPA2 Cracking, Rogue Access Point Detection, Bluetooth Security Testing, Evil Twin Attacks

Windowsws/Linux Security (Professional)

• File Permissions Audit, Kernel Exploit Identification, Log Analysis, Configuration Hardening, User Management Security