Hello World
I am Yasser Khan

Information Security Consultant | OSCP | eWPTXv2 | Security Researcher | SRT | Purple Teamer | Learner

“I’m good at reading applications. My secret? I look for the worst in them.”

About Me

Here's a quick rundown of my background :)

Yasser Khan is an Information Security Consultant and Security Researcher. He holds a bachelor's degree in Computer Science & Information Security and has a demonstrated history of working in the computer and cyber security industry. Skilled in Vulnerability Management, Mobile Applications, Ethical Hacking, Digital Forensics, and Cryptography. Strong information technology professional with a BCA focused on a dual specialization in information security and mobile applications from Jain (Deemed-to-be University).

Skills

Web Application Penetration Testing

API Penetration Testing

Code and architectural reviews

Internal & External Network Penetration Testing

Thick Client Penetration Testing

Mobile Application Penetration Testing (Android/iOS)

Digital Forensics

Security Tools - Burp Suite, Nmap, Metasploit, Sqlmap & Others

Java, Python, PHP, Bash

Shell Scripting

Experience

Confidential

Information Security Consultant

December 2021 - Present

Currently working as an Information Security Consultant. My responsibilities include end-to-end penetration testing, configuration reviews, reporting, documentation and suggesting mitigation, consistently engaging with clients, and working with the banking and financial industry.

Anker Cloud

Cyber Security Engineer

February 2021 - December 2021

Worked as a Cyber Security Engineer at AnkerCloud. My responsibilities included end-to-end penetration testing, open source intelligence, cloud configuration reviews, reporting, documentation and suggesting mitigation.

Synack Red Team

Synack Red Teamer

September 2020 - Present

Accessing & Securing the applications.

Vast Dreams Group

Security Analyst

August 2020 - January 2021

Worked as a Security Analyst at Vast Dream Group. My responsibilities included manual penetration testing of web applications, internal and external networks, APIs, mobile applications and thick clients, threat modeling, configuration review, and reporting & documentation.

Detectify

Security Researcher

May 2021 - Present

Building Modules & Securing the applications.

HackerOne

Security Researcher

April 2019 - Present

Accessing & Securing the applications.

Projects & Publications

Awesome Oneliner

Open Source Tools used for Automating Bash Script

Written in Bash

Simple-IP-Convertor

Useful for port scanning/analysis and VHOST identification, this script transforms a list of subdomains to IP addresses.

Written in Bash

Reverse Shell Generator

This tool helps generate backdoors and reverse shells.

Wall of Fame

CVE-2021-42645

CVE-2021-41381

Xfinity Home & xFi

Comcast

P&G

ISC2

Hubspot

Ingenico Group

Transferwise

Arlo

Redox

Telefonica Germany

Sophos

Gusto

Dell Technologies

Overstock

InVision

Humble Bundle

Mastercard

You Need a Budget

Jet.com

Centrify

NASA

MasterCard VDP

Cybrary

Harvard University

40+ Private Programs

Certifications & Achievements

Offensive Security Certified Professional (OSCP)

Offensive Security

Credential ID OS-101-56798

Web Application Penetration Tester eXtreme (eWPTXv2)

eLearnSecurity

Credential ID 4556383

Red Team Operator Level II - RastaLabs

Hack The Box

Credential ID HTBCERT-228663BB09

Introduction, Unix, Essential, PCAP, White & Serialize Badge

PentesterLab

Computer Forensics Investigation - Autopsy Hands On

Basis Technology

Certified Offensive API Pentester

Hackersera

Credential ID 7A4423E2E6A4B2A1578F17A9228703CFB099E4B3

Community Engagements

OWASP-Bangalore

2018-2020

Head Member of UTTUNGHA in Jain University

Organizer-NETCON21 CTF

2020-2021

Education

BCA Professional's - Computer Science with Information Security and Mobile Application

Jain University

2018-2021

7.455 CGPA

High School

Surana College

2015-2017

80%