Hello World
I am Yasser Khan

Information Security Consultant | OSCP | Security Researcher | SRT | Purple Teamer | Learner

                        “I’m good at reading Application's. My secret? I look for the worst in them.”

About Me

Here's a quick rundown of my background :)

Yasser khan is working as Information Security Consultant and is also a Security Researcher. He Holds a bachelors degree in Computer Science & Information Security, He has a demonstrated history of working in the computers and Cyber Security industry. Skilled in Vulnerability Management, Mobile Applications, Ethical Hacking, Digital Forensics, and Cryptography. Strong information technology professional with a Bca focused in dual specialization information security and mobile application from Jain (Deemed-to-be University).

Download CV

Skills

Web Application Penetration Testing

API Penetration Testing

Code and architectural reviews

Internal & External Network Penetration Testing

Thick Client Penetration Testing

Mobile Application Penetration Testing (Android/IOS)





Digital Forensics

Security Tools - Burp Suite, Nmap, Metasploit, Sqlmap & Others

Java, Python, Php, Bash

Shell Scripting

Experience

Confidential

Information Security Consultant

December 2021 - Present

Currently working as a Information Security Consultant, My responsibilities includes end-to-end penetration testing, Configuration Reviews, Reporting, Documentation and Suggesting the Mitigation, Consistently engaging with clients, Working with the Banking and Financial Industry.

Anker Cloud

Cyber Security Engineer

May 2021 - Dec 2021

Worked as a Cyber Security Engineer at AnkerCloud, My responsibilities includes end-to-end penetration testing, open source intelligence, Cloud Configuration Reviews, Reporting, Documentation and Suggesting the Mitigation.

Synack Red Team

Synack Red Teamer

September 2021 - Present

Accessing & Securing the applications.

Vast Dreams Group

Security Analyst

January 2021 - May 2021

Worked as a Security Analyst at Vast Dream Group, My responsibilities includes Manual Penetration Testing of Web Application, Internal and External Network, APIs, Mobile Applicaiton, Thick Clients, Threat Modeling, Configuration Review, Reporting & Documentation.

Detectify

Security Researcher

May 2021 - Present

Building Modules & Securing the applications.

HackerOne

Security Researcher

April 2020 - Present

Accessing & Securing the applications.

Projects & Publications

Awesome Oneliner

Open Source Tools used for Automating Bash Script

Written in Bash

Give a Try

Simple-IP-Convertor

Useful for port scanning/analysis and VHOST identification, this script transforms a list of subdomains to IP addresses.

Written in Bash

Give a Try

Reverse Shell Generator

This Tool will Help Generating Backdoor, Reverse-Shells

Give a Try

Wall of Fame

CVE-2021-42645

CVE-2021-41381

Xfinity Home & xFi

Comcast

P&G

ISC2

Hubspot

Ingenico Group

Transferwise

Arlo

Redox

Telefonica Germany

Sophos

Gusto

Dell Technologies

Overstock

InVision

Humble Bundle

Mastercard

You Need a Budget

Jet.com

Centrify

NASA

MasterCard VDP

Cybrary

Harvard University

40+ Private Programs

Certifications & Achievements

Offensive Security Certified Professional (OSCP)

Offensive Security

Credential ID OS-101-56798

Red Team Operator Level ll - Rastalabs

Hack The Box

Credential ID HTBCERT-228663BB09

Introduction, Unix, Essential, PCAP, White & Serialize Badge

PentesterLab

Computer Forensics Investigation - Autopsy Hands On

Basis Technology

Certified Offensive API Pentester

Hackersera

Credential ID 7A4423E2E6A4B2A1578F17A9228703CFB099E4B3

Community Engagements

OWASP-Bangalore

2018-2020

HEAD Member of UTTUNGHA In Jain University

Organizer-NETCON21 CTF

2020-2021

Education

BCA Professional's - Computer Science with Information Security and Mobile Application

Jain University

2018-2021

7.455 CGPA

High School

Surana College

2015-2017

70%