Seyed

About Seyed

As a highly skilled Cybersecurity Expert with seven years of experience in web penetration testing, including one year at the Central Bank of Iran, I have a proven track record of delivering exceptional results in the field of information security. With expertise in identifying and assessing vulnerabilities in complex systems, I possess the knowledge and skills necessary to implement effective security measures and provide expert guidance to organizations seeking to enhance their security posture. Moreover, I am dedicated to continuously improving my skills and knowledge in the field of cybersecurity and regularly complete courses on platforms such as HackTheBox to stay up-to-date with the latest trends and techniques

SKILLS

• Expert knowledge of common penetration testing tools and techniques, including but not limited to: Nmap, Metasploit, Burp Suite, and Wireshark.
• In-depth understanding of web application security vulnerabilities, such as SQL injection, cross-site scripting (XSS)
• Proficient in Python programming language for automating various tasks related to Penetration Testing.
• Familiarity with network security concepts, including firewalls, intrusion detection and prevention systems (IDS/IPS), and virtual private networks (VPNs).
• Experience in writing comprehensive and clear reports detailing the findings of security assessments and recommendations for remediation.

EXPERIENCES

Cybersecurity Expert specializing in Penetration Testing

Central Bank Informatics Services Company,

Tehran, Iran November 2021 - Present (1 year 6 months – Full Time)

• Contributed to improving the overall security posture of the organization.
• Designed a knowledge transfer tool to improve knowledge sharing among team members.
• Started the Hojat framework project, an internal Python-based framework for automating various tasks related to penetration testing

Cybersecurity Expert specializing in Penetration Testing

Future Wave Ultratech Company, Tehran, Iran 

August 2017 - November 2021 (4 years 4 months – Full Time)

• As a Senior Expert in Penetration Testing at Future Wave Ultratech for almost 4 years, I successfully contributed to multiple bank projects by performing web and network application penetration testing. My expertise in web application penetration testing allowed me to successfully carry out several successful projects, and I further expanded my skills to include mobile application penetration testing, achieving further success in this area.
• I have conducted penetration testing on more than 10 Android and iOS application projects. Additionally, I have completed 3 web application penetration testing projects for banking applications and identified over 2 critical vulnerabilities, such as SQL injection (SQLi) and Insecure Direct Object References (IDOR). Moreover, I have identified various vulnerabilities in mobile application penetration testing projects, including RootDetection Bypass, SSL Pinning, Jailbreak Bypass, and more.
• I have also undertaken independent study in the area of penetration testing for telecommunications networks, specifically the RAN and PS departments. Using equipment such as BladeRF and attack scenarios such as IMSI Catcher, I have developed an automatic tool with Python for identifying individuals in close proximity to RTLSDR equipment

Cybersecurity Expert specializing in Penetration Testing

Raja Information Technology Company ,

Tehran, Iran August 2015 - August 2017 (2 years - Full Time)

• As a Senior Penetration Testing Expert at Raja Information Technology, I played a key role in multiple banking projects, including CoreBanking for one of the largest banks in the country. During these projects, I conducted successful penetration testing and identified critical vulnerabilities, including the MS17-010 vulnerability.
• As a Project Manager in multiple penetration testing projects, I managed a team of 4 people and effectively coordinated the project to ensure its success. These experiences contributed significantly to my professional growth and development, building my expertise in leadership and project management.

CERTIFICATES

International Cyber Conflicts Cybersecurity and Its Ten Domains

Taking HackTheBox Academy courses Cybersecurity: Developing a Program for Your Business

EDUCATION

I received my Associate Degree of Computer Software Engineering from Islamic Azad University Yadgar Imam branch in Iran in January, 2011 - May 2013.

I received my Bachelor of Computer Software Engineering from Miaad university in Iran in September 2018 - June 2020.