I have an athletic build; I'm 6'2" and love high-activity sports like martial arts, and I'm an occasional swimmer. Otherwise, I spend time hacking and doing vulnerability research and security bug bounty.
With that said, I love flying drones and driving cars. Driving a manual vehicle is a blessing in disguise for those who understand the spirit of it. I have created dozens of websites for fun and profit and have been an occasional speaker at security conferences. For those who understand technical jargon: I have many zero-days associated with my name. And with the experience I had with reporting issues, I have decided to keep future zero-days to myself only. Money is not a deterministic factor for the decisions I take.
January 2015 - February 2017
VAPT of Web Applications (Thick / Fat client, Rich client, Thin client), Daimler Network / Infrastructure security, mobile (Android, iOS) and various CMS and implementing configurations while providing mitigation techniques to application owners as per OWASP and DREAD standards.
● Enforcing DISC (Daimler Information Security Compendium) policies.
● Conducting Kick-Off calls with Product Owners (VPs / Senior VPs).
● Completed security assessments of 15 applications single-handedly, worth €4.5K each.
● Completed security assessment as network PT for 4 geographical locations as a team.
March 2017 - December 2017
VAPT of Web Applications (Thick / Fat client, Rich client, Thin client) and vulnerability chaining
with post-exploitation of various CMS (Content Management Systems) and OSL (Open Source
● Triage with developers while maintaining security : efficiency trade-off.
● Threat Modelling (design and implementation viz. CVSS).
● Completed security assessments of 20 applications single-handedly.
December 2017 - June 2018
VAPT and SAST of Web Applications, Mobile Applications and RESTful APIs and services and of various CMS (Content Management Systems) and OSL (Open Source Libraries).
● Penetration Testing of third-party payment gateways and plug-ins as per OWASP, SANS …
● Completed security testing and ‘Sign-Off’ of 15+ applications and 100+ enhancements.
● Responsible for addressing ‘Security Bug Bounty’ and rewards program.
August 2018 - October 2019
LVAPT, Blackbox pen-test of in-house applications primarily or a third-party integration covering broadly multiple clients pertaining to Web Applications, Mobile Applications, Network / Infrastructure, IoT, Rich Clients, Thick Clients and System.
● Handling client products like Tenable, AttackIQ and supporting Carbon Black, LogRhythm.
● Digital Forensics and Incident Response to security incidents, violations and potential threats.
● Simulating attack scenarios to test the implemented setup of security monitoring teams.
● Leading Red-Team activity and creating post-exploitation scenarios with execution.
● Handled vendor POCs from technical perspective pertaining to tools for SOC integration.
● Mentoring / managing technical resources for PenTest and skill development.
● Performing malware analysis for in-house app installation requests and apps that have a clear public record but have potentially malicious behavior.
● Completed security assessment of 100+ projects single-handedly.
● Provided secure design structure for Security and Network Operations.
October 2019 - Present
Red-Teaming, VAPT of Web, Mobile, Networks and IoT based applications and devices.
● Audit of security controls in place.
● Performing Red-Team activity, creating strategies and relevant scenarios for it.
● Creating secure design / architecture for the new concepts and AI based applications.
● Leading / guiding the security team for security assessments and red-team activities.
● Completed 5 security assessments and counting…
Aamer is a gifted Pentester with a unique personality. I've worked alongside Aamer for a couple of months, and he proved his dedication and skills by finding security vulnerabilities that could damage the business. I happily recommend him here on LinkedIn, and do so in person whenever I have the opportunity.
Aamer; hacker is an incredibly knowledgeable resource in the Security space. I have known Aamer for the past seven years. Apart from his professional skills like coding, penetration testing, network security, he is perfect at photography. He possesses a strong command of security configuration as well as business process implementation. He is a very reliable and goal-oriented person. Aamer would be a tremendous asset to any organization.
If you have a business proposal for me as an individual or as a company, please share your thoughts. I am actively working as a security consultant as a freelancer for many projects around the world.
Phone: (+1) 515 3379921
Jumeirah Lakes Towers