Ahammed Shamil K

Experienced web penetration tester with a demonstrated history of successfully identifying and resolving security vulnerabilities. Possessing two years of practical expertise in assessing web application security, analyzing attack surfaces, and conducting ethical hacking tests to bolster the resilience of online systems and data.

• Conferred with "On The Spot Award" for outstanding achievement in web application penetration testing from TATA Consultancy Services Limited.
• Top 20 Rank 16 in DOME CTF Organised in collaboration by Kerala Police Cyberdome and Beagle Security as part of c0c0n 2020

Volunteer on CoCoNet'19

Volunteer on third international conference on computing and network communications(coconet'19) - IIITM-K

Digital Document Filing System 

A system for convert paper document into digital document 

Intrusion Detection System For Cloud Computing

An Intrusion detection system for cloud computing using artificial neural networks 

Advance Program in Ethical Hacking and Cyber Security

Certificate of completion of the course Advance Program in Ethical Hacking and Cyber Security by LetsUpgrade 

Advanced SSRF Exploitation

Certificate of participation in Advanced SSRF Exploitation workshop. 

Practical Mobile App Attack By Example

Certificate of participation in Practical Mobile App Attack By Example workshop. 

Certificate of participation in HAC'KP

International Virtual Hackathon 2020 initiated by Kerala police 

Certificate of participation in the third international conference on computing and network communications(coconet'19) (12/2019 – 12/2019)

Held at Indian institute of information technology management-Kerala 

Certificate of participation in Blockchain workshop 

Held at Mahatma Gandhi College, Iritty, Kannur 

Security Testing in SDLC:

• Dynamic Application Security Testing (DAST): Proficient in conducting dynamic security testing to assess vulnerabilities in running applications and identifying potential threats.
• Static Application Security Testing (SAST): Skilled in performing static security testing to analyse source code and identify vulnerabilities early in the development process.
• Software Composition Analysis (SCA): Experienced in software composition analysis to assess third-party components and their potential security risks in the software supply chain.

Cybersecurity and Penetration Testing:

• Penetration Testing Frameworks: Proficient in using Kali Linux as a comprehensive platform for ethical hacking and penetration testing.
• Web Application Security: Experienced in BurpSuite for web application security testing and Veracode for Static Application Security Testing (SAST) and Software Composition Analysis (SCA).
• Network Analysis and Monitoring: Skilled in using Wireshark for network analysis, Tcpdump for packet capturing, and Metasploit for network penetration testing.
• Password Cracking and Hash Analysis: Competent in John the Ripper for password cracking and Hashcat for hash analysis.
• Wireless Network Testing: Proficient in Aircrack-ng for wireless network security and Ettercap for network sniffing.
• Directory and Subdomain Enumeration: Skilled in using Gobuster and Sublist3r for directory and subdomain enumeration.
• Virtualization Platforms: Experienced in VMware and VirtualBox for creating virtual environments to simulate real-world scenarios for testing.

Cyber Forensics Analysis:

• Data Recovery and Analysis: Proficient in using TestDisk and PhotoRec for data recovery and file system analysis.
• Digital Forensics Tools: Skilled in employing Autopsy, OSForensic, Belkasoft Ram Capture, and Belkasoft Evidence Center for comprehensive digital forensics analysis.
• Virtual Disk Management: Experienced in using disk2vhd for creating virtual disk images and SDelete for secure file deletion.
• Network Monitoring and Analysis: Competent in using TCPView for network connection monitoring and AutoRuns for managing auto-starting programs.
• Process Monitoring: Proficient in utilizing Process Explorer and Process Monitor for in-depth process and system monitoring.

Reverse Engineering:

• Decompilation Tools: Proficient in using dex2jar and JD-GUI for decompiling and analyzing Java-based applications.
• Android App Decompilation: Skilled in decompiling Android apps using Apktool to inspect the app's structure and behavior.
• Low-Level Analysis: Experienced in using HxD for low-level binary analysis, enabling a deep understanding of the inner workings of software.

Authentication and Identity Management:

• Secure Authentication Design: Proficient in designing robust and secure authentication processes for applications, ensuring data privacy and protection.
• Multi-Factor Authentication (MFA): Experienced in implementing multi-factor authentication mechanisms, enhancing user identity verification and security.

Payment Gateway Integration:

• Payment Gateway Integration: Proficient in integrating payment gateways into various applications, ensuring seamless and secure online transactions.
• Secure Integration: Experienced in prioritizing and implementing security measures during payment gateway integration to safeguard financial transactions and user data.

Application Development:

• Mobile App Development: Proficient in Android app development, utilizing Java and Android Studio.
• Web Development: Strong skills in web development using PHP and the Yii Framework, including the use of Composer for package management.
• Database Management: Skilled in working with SQL for efficient database design and management.
• Front-End Development: Proficiency in JavaScript, React.js, and npm for building interactive and responsive user interfaces.
• Server-Side Development: Experienced in Node.js for server-side application development.
• Database Management: Competence in working with MongoDB for data storage and retrieval.
• Hosting and Deployment: Familiarity with cPanel for web hosting management and Docker for containerization.
• Server Administration: Skilled in SSH, openSSH, and Linux for server administration, including shell scripting (bash) and setting up cronjobs for automated tasks.
• Version Control: Proficient in Git and SVN for version control, enabling efficient collaboration and code management.

Automation Test Engineering:

• Test Automation Framework: Proficient in building and utilizing automation frameworks with TestNG for test suite management, Java as the primary programming language, and Selenium for test script creation and execution.
• Integrated Development Environment (IDE): Experienced in using Eclipse as the IDE of choice for developing and maintaining automated test scripts.
• Test Scripting: Skilled in writing and maintaining automated test scripts in Java, enabling efficient and reliable testing processes.

Machine Learning and Data Analysis:

• Python: Proficient in using Python for various machine learning and data analysis tasks.
• Data Manipulation: Skilled in using Pandas for efficient data manipulation, cleaning, and transformation.
• Deep Learning: Experienced in utilizing Keras for deep learning model development.
• Machine Learning Libraries: Proficient in Scikit-Learn for implementing machine learning algorithms and data modeling.
• Numerical Operations: Competent in NumPy for performing numerical operations and mathematical computations.
• Data Visualization: Skilled in using Matplotlib to create data visualizations for insights and reporting.
• Text Analysis: Proficient in Wordcloud for text analysis and visualization.
• Document Text Extraction: Experienced in using Textract for extracting text content from various document formats, enabling text-based data analysis.

Software Proficiency and Operating Systems:

• Microsoft Office Suite: Skilled in using Word and Excel for document creation and data analysis.
• AI-Powered Chatbot: Proficient in utilizing ChatGPT for natural language understanding and assistance.
• Operating Systems: Experienced in working with a variety of operating systems, including Windows, Windows Subsystem for Linux (WSL), Linux, and Ubuntu, ensuring adaptability across different computing environments.