Professional Web Application Penetration Tester | Cybersecurity Specialist | Ethical Hacker
I am Maksudur Rahman Rony, a passionate Web Application Penetration Tester & Cybersecurity Specialist with hands-on experience in:
✅ Web Application Security (OWASP Top 10, API Security, Authentication & Access Control Testing).
✅ Reconnaissance & Bug Bounty Hunting (Subdomain Enumeration, JS File Analysis, Secret Hunting, GitHub Recon, API Fuzzing).
✅ Advanced Exploitation Techniques (SSRF, SSTI, XXE, SQLi, XSS, CSRF, CORS, Host Header Injection, File Upload Exploits).
✅ Vulnerability Assessment using industry tools like Burp Suite, Nuclei, Subfinder, Katana, FFUF, WPScan, etc.
✅ Cloud & Source Code Security (Secret Leakage, Git Dorking, API Key Exposure, JWT Attacks).
I have completed CEH (10+ modules), covered almost all of OSCP (Active Directory pending), and hold a strong track record on practical platforms like TryHackMe (30+ rooms solved).
💡 My goal is to secure applications by identifying and fixing vulnerabilities before attackers exploit them.
Languages: C, Python, Bash Scripting
All known user input-based injection methods categorized with payloads.
Automated bug bounty scanning tool.
Red team reconnaissance and enumeration toolkit.
Real-time CVE scanner for critical vulnerabilities.
Detailed walkthrough of exploiting NoSQL-based login bypasses.
All of Maksudur Rahman's detailed challenge solutions on TryHackMe.
Comprehensive black-box and gray-box testing of web applications to find security flaws following OWASP standards.
Automated and manual scanning with detailed reporting including risk ratings and remediation steps.
Simulated bug bounty engagements focused on real-world attack vectors with PoC writeups.