Conducted offensive security exercises in TryHackMe labs — reconnaissance, vulnerability analysis & exploitation. Used Nmap for network enumeration across /24 subnet, identifying 50+ live hosts. Exploited misconfigurations on 3 target systems using Metasploit.
Developed a full-stack web login application with security best practices. Implemented password hashing (bcrypt) and prepared statements, mitigating 100% of SQL Injection and XSS attack vectors — addressing OWASP Top 10 vulnerabilities A1 and A7.
Built a virtual lab with Kali Linux (attacker) and Metasploitable (target) VMs. Applied comprehensive OS hardening — configured iptables firewall rules, enforced strict user permissions, secured SSH by disabling root login, reducing critical attack vectors by 60%.
Captured and analyzed over 1 GB of network packets to identify normal and malicious traffic patterns, including DNS exfiltration and HTTP-based attacks. Generated 5+ detailed incident reports documenting suspicious activity and IoCs.
Built an IoT-focused scanning workflow to discover exposed devices and services, profile open ports, and identify insecure configurations for faster vulnerability triage in smart-network environments.