Affan Mulla

• Performing vulnerability assessments and penetration testing on client networks, applications, and systems to identify security weaknesses.
• Assessing risks associated with identified vulnerabilities, categorizing them by severity, and suggesting effective mitigation strategies.
• Conducting phishing simulations to assess organizational susceptibility to social engineering attacks and educating employees on phishing risks.
• Utilizing Snyk to perform static code analysis, identifying vulnerabilities within the codebase before deployment.
• Using Nessus and Qualys to identify, prioritize, and report vulnerabilities across network and system infrastructures.
• Advising clients on strengthening their security posture, helping them understand and implement best practices.
• Using a variety of tools, scripts, and techniques to simulate cyber-attacks and test the security of systems and networks.
• Working closely with development, IT, and security teams to implement solutions and enhance organizational security policies.

• Assisted senior penetration testers in conducting comprehensive security assessments of systems, networks, and applications.
• Conducted vulnerability scans and manual penetration testing under supervision, identifying and documenting security weaknesses.
• Researched new attack vectors, tools, and methodologies to enhance team's understanding of emerging threats.
• Contributed to development of detailed reports outlining vulnerabilities discovered, their potential impact, and recommendations for remediation.
• Demonstrated proficiency in using penetration testing tools and frameworks such as Metasploit, Nmap, Burp Suite, Wireshark, etc.

• Fostered a customer-centric culture within the team by consistently reinforcing the importance of empathy, understanding, and patience in all interactions with clients.
• Collaborated with team members to develop best practices for consistent customer service delivery.

• Conducted comprehensive and systematic assessments on various fronts including Web Apps, APIs, and Mobile Apps.
• Utilized expertise in both manual testing and analysis, as well as automated web application vulnerability scanning and testing tools such as Nessus, Burp Suite, Wpscan, Appscan, MobSF, Immuniweb, and Nmap.
• Successfully uncovered critical vulnerabilities including SQL injection, XXE, CSRF, and authentication bypass in dynamic web applications through in-depth web application penetration testing.
• Identified vulnerabilities and efficiently distinguished false positives during Vulnerability Assessment.

• Actively participated in team meetings, offering insightful suggestions that led to innovative problem-solving strategies.
• Conducted research for various projects, leading to well-informed decisions and successful outcomes.

• Provided technical support, diagnosing, and resolving hardware and software issues promptly to minimize downtime.
• Managed and maintained technical equipment and software, ensuring optimal performance and up-to-date systems.